Teach this new generation how much we can build and discover new things within our area!
[PenTest Magazine]: Hi Filipi! Thank you for agreeing to this interview, we’re honored! Many of our readers know you from your course available here at PenTest Mag and your numerous write-ups published with us, but could you please introduce yourself to those of our readers who might have not come across your publications just yet?
[Filipi Pires]: Hi everyone, once again it’s a pleasure to be here ☺
My name is Filipi Pires, I’ve been working as a Security Researcher at Saporo, one startup focused on putting order in chaos and resisting attacks by reducing excessive access. I founded my own company called Black and White Technology (https://www.linkedin.com/company/black-white-technology) and we’re passionate about delivering CyberSecurity, Technology and Innovation.
We provide consulting services such as:
- SOC - Security Operation Center
- Security Research
- Application Security Consulting
- Information Security Consulting
- Performing penetration tests on web-based applications, networks and computer systems
- Research, document and discuss security findings with management and IT teams
- Defining requirements for information security solutions
- Performing verification tests
- Vulnerability testing
- Security Training
- Talks in Conferences/Events/Meetups
And I really love to help communities talking about open source and security projects, working as an advocate and ambassador in projects such as: Hacking is not a Crime and Snyk Ambassador program.
[PenTest Magazine]: You are an activist involved in the “Hacking is not a crime” movement. How would you define its ultimate goal? Needless to say, most of our readers agree with this notion, but for many people from the general public, hackers are still some kind of dangerous villains waiting to take control over their phones. How can we convince them otherwise?
[Filipi Pires]: The main goal is to clarify the Hacking concept ☺, contrary to this mischaracterization, being a hacker is an identity, lifestyle, and mindset. It is not a fashion statement or a movie character. A hacker is an inquisitive critical thinker who solves complex problems in an unorthodox manner. The means by which these are solved — be it social, financial, economic, political, technological, or otherwise — is "hacking". You can find more information on our website (https://www.hackingisnotacrime.org).
[PenTest Magazine]: Can you share with us some more details on “Hacking is NOT a Crime Movement”? Some recent events, activities, and agenda for the near future?
[Filipi Pires]: Yes, of course. We have our Youtube channel - https://www.youtube.com/c/hacknotcrime/videos, with some videos in our HackerCon event organized by us, we’re involving in many different events such as:
Black Hat, Bsides Las Vegas, Texas Cyber Summit, and others. More information is here in our event page - https://www.hackingisnotacrime.org/events.
[PenTest Magazine]: Most of the people around the world have never met a real hacker. How can we, as the community, educate them on who we are and what we do? It seems essential to change the unfavorable connotations with the word “hacker”.
[Filipi Pires]: The big problem is that newspapers, and the media in general, need to find a guilty party when there is a cyber crime, so this stereotype was created that the person who attacks companies is called a hacker, where in fact whoever robs companies or any type business is called a criminal, it’s as simple as that! When a lawyer steals something, he commits a crime and becomes a criminal; for that act, the lawyer category remains the same, unchanged, just like any other area. The concept of hacking is something simple, it's something/someone who uses their creativity to discover new things, the application of it in an unethical way makes you a criminal.
[PenTest Magazine]: Regarding hacking and cyber criminals - what’s your opinion about recent events regarding Uber hack and leaked GTA VI from Rockstar Games? There’s certainly something exciting about a teenager hacking two giant companies. How would you define the difference between “hacker” and “cyber criminal” in this case?
[Filipi Pires]: The relationship is simple for me, teenagers/younger people are often inconsequential, and use the concept of hacking to discover software flaws, but they go down to expose/sell data, for financial reasons, in order to earn easy money. Unfortunately, nowadays, cyber crime is very "attractive" for the youngest. We, as people who work with cybersecurity, need to educate young people more and more about the consequences of cybercrime, and spread the message of true hacking. On the other hand we have the APTs (Advanced Persistent Threats) Groups; in this case, we're talking about criminal organizations.
[PenTest Magazine]: Let’s change the subject a little bit. You have over 15 years of experience in the cybersecurity field. Are there any particular areas of the cybersecurity landscape you find the most fascinating?
[Filipi Pires]: In fact, I have over 15 years of technology, in cybersecurity, I have approximately 7 years of experience, I'm really passionate about it all!, whether it's Offensive Security or Defensive Security. One of the things I like the most is to understand how attacks work and thus help companies protect themselves from these attacks, and a second thing that fascinates me a lot is teaching! Teach this new generation how much we can build and discover new things within our area!
[PenTest Magazine]: You seem to enjoy teaching others, given the impressive record of speeches at various conferences around the world. Do you think that teaching others gives you an upper edge over others in the cybersecurity industry? What do you gain by becoming a mentor to other pentesters?
[Filipi Pires]: I love teaching! This is one of my passions :) The only advantage that I see is that the more I need to teach someone I need to learn more, so it all becomes an exchange! I teach and receive a thousand times in return! I don't see myself as a mentor for a pentester, I'm here to pass on my experience and try to help as many people as possible within the information security area, whether offensive or defensive!
[PenTest Magazine]: Do you have any tools you find invaluable in your day-to-day work? Or maybe you could point our readers towards some recent discovery?
[Filipi Pires]: Actually, there are many tools already known, mainly for offensive security, many of them in VM (Virtual Machines) Kali Linux and Parrot OS, there are many other open source tools, I'm always sharing many of them on my Twitter account (https:// twitter.com/FilipiPires) and Linkedin (https://www.linkedin.com/in/filipipires/). There are also some other projects on my GitHub (https://github.com/filipi86) that you can follow.
[PenTest Magazine]: Do you have any plans for the future you’d like to share with us?
[Filipi Pires]: Yes I have ☺
I'm actually working on two projects that are fully linked, one is developing a series of books on Malware Hunting and Offensive Security, and some training based on these books :)
[PenTest Magazine]: Bonus question. Do you have any favorite hackers on the social media?
[Filipi Pires]: I have some friends who are world references, each in their own area.
- Phillip Wylie - https://twitter.com/PhillipWylie
- Omar Santos - https://twitter.com/santosomar
- Rik Ferguson - https://twitter.com/rik_ferguson
- and many others
I have an action called #FF (not created by me) where I share many cool security and technology profiles in my Twitter account.
[PenTest Magazine]: Thank you, Filipi! Do you have any final words to our readers? Where can they find out more about you?
[Filipi Pires]: First of all, I just would like to say thank you once again ☺
You can find me on:
- Twitter - https://twitter.com/FilipiPires
- Linkedin - https://www.linkedin.com/in/filipipires/
- Github - https://github.com/filipi86
- My Webpage – https://filipipires.com