About Justin
Justin is the principal consultant for Dark River Systems Inc. where he spends his time blogging, and training open source intelligence techniques using Python. He operates AutomatingOSINT.com and has written two books on Python: Gray Hat Python and Black Hat Python, both from No Starch Press. Justin is also the developer of Hunchly (https://www.hunch.ly) a tool that assists people in gathering intelligence and doing research online.
Ankur
Welcome Justin. Thanks for taking time to talk to us.
Justin
Thanks so much for having me!
Ankur
I went through your blog and boy it's interesting. The kind of topics you address in context of Python programming is fairly unique and not to mention scary for a every day computer programmer. for e.g. How do you come up with these ideas man ?
Justin
Haha! That is a great question. I am a news junkie, so I read a lot of articles from all different kinds of publications. What ends up happening is that as I am reading the news, and sipping coffee, I just end up with a research question that pops in my head. What would it look like if we analyzed Bin Laden's bookshelf with Python? Then I just set out to answer that question, and make it useful for other people to follow along and adapt.
Ankur
That's one unique thought process. How did you get into Security ?
Justin
For many years I was always interested in breaking things, looking at what made things tick and just thinking about ways around constraints. I was working at a startup in 2006 when I had really started to focus heavily on security as a career and was lucky enough to land a job at one of the world's best offensive security outfits, Immunity Inc. This is where I really learned from all the amazing people I worked with at Immunity, and really where I got my real education in security. Immunity is also 100% a Python shop, and they have some amazing coders working there who were great at sharing knowledge and mentoring me.
Ankur
I have zero skills as a penetration tester and neither am I a security enthusiasts. With understanding of Socket programming in C/C++ I enjoyed the chapters and learned quite a few things I had no clue about. What motivated you to write this book ?.
Justin
A lot of the stuff in Black Hat Python really came from ideas or real world scenarios that we faced as penetration testers everyday. One major advantage of a firm like Immunity was that we took a "real life" approach to attacking systems which meant that we developed a lot of tools on the fly, and adapted other tools as we needed to. I wanted the book to reflect that mentality, and to teach the core skills and concepts that would enable this type of development.
Ankur
So what else are you working on these days ?
Justin
I have a few projects that keep me busy! The first is my open source intelligence training at AutomatingOSINT.com where I am teaching students how to use Python to automate data collection and analysis. This is a lot of fun as I spend a lot of time working with all kinds of people from all across the world to learn Python. Part of AutomatingOSINT.com is also writing pretty involved blog posts that are heavily focused on intelligence automation using Python with a smattering of other techniques. As well, my investigation product Hunchly is moving along steadily and beginning to pick up a lot of steam as more and more users start incorporating it into their day to day investigative work. This is all on top of my consulting clients that keep me moving every day as well!
Ankur
I meant to ask this earlier How does one kick start his/her career in Infosec ?. What are the various routes ?
Justin
One word: Contribute. There are so many open source projects, bug bounty programs and capture the flag (CTF) events that there is never a reason for you not to get started. This is exactly what I did, and ultimately someone will notice you committing code to GitHub, winning competitions, posting on blogs, etc. Put in the work, contribute, and you will have no problem getting a career fired up in infosec.
Ankur
Thanks Justin. It was great talking to you.