Harsh Bothra joined Cobalt as a Core Pentester a little over two years ago. Since then, he has made a name for himself in the Cobalt community by becoming a Lead and sharing content with fellow pentesters. If you look at Cobalt’s technical community blogs, you’ll see his name a time, two, or ten. As one of the Core’s younger pentesters, he has proven to be a natural leader and passionate about the industry, even from a young age.
“I have been into gaming since I was introduced to computers at a very young age,” Bothra said. “I became curious about how people modified their gameplay to win, and that curiosity is what led me to the term ‘hacking.’”
Bothra started studying it, which led him to pentesting. Then in 2016, he published his first book: Hacking: Be a Hacker with Ethics. He wanted to provide beginners with a manual to get started. After that, he started bug bounties, focusing on Application and Network Security.
In 2020 at the SeaSides conference in India, he heard about Cobalt. After applying multiple times, he was onboarded into the Core.
Beginning at Cobalt
For Bothra, Cobalt’s PtaaS model was a change from what he had done in the past. He found it to be more flexible and has enjoyed being able to work with different technology stacks and sectors.
“Communication with the team and client is the best part of PtaaS,” he said. “What you are doing and expectations are well defined, and real-time communication allows you to remove a lot of blockers from the engagement.”
Bothra said his first engagement with Cobalt was amazing, even though he was initially nervous and had doubts about his skills.
“My first engagement’s Lead, Dragos Ionica, was super friendly and helped me throughout the engagement,” he recalled. “We reported some nice findings, including critical ones, and I learned to improve my status updates, report writing, and overall communication. Since then, there’s been no looking back.”
Evolution of Cobalt
“I have seen Cobalt grow super quickly,” Bothra said. “The platform has become more smooth and stable. Reporting, team updates, and applying to new engagements have become easier.”
Cobalt has added more support for pentesters through Techincal Project Managers, Technical Writers, and High-level execs who are eager and involved.
“Cobalt is definitely on its way to the moon.”
Bothra said with pride that Cobalt has positively changed his life and opened up many opportunities for him. He has become more financially stable and is always learning new things. To mention a few:
Effective Technical Writing: Working with Cobalt’s Technical Writers like Mike on the Cobalt Docs project and with Grahame on the Taxonomy Project allowed me to improve my technical writing.
Leadership Skills: I have led more than 80 pentests so far with Cobalt, and each test came with a unique experience and diversity of testers. Their skills allowed me to push the boundaries for myself and learn a lot during the process.
Communication: Well, this is the best part. I communicate effectively, which helped me improve my public speaking, interaction, and overall soft skills. I like to be proactive in my pentest engagements, trying to provide value to clients.
Technical Expertise: Working with Cobalt, I pushed myself to work on some technologies that were new and challenging and also, with the help of educational support that Cobalt provides, I've been able to learn new things.
“Working with amazing people worldwide has helped me make good connections and friends who are always willing to help and cheer,” he said.
For those interested in joining the Core, Bothra wants you to know that Cobalt is one of the best places to nourish your technical skills, work with people across the globe, and learn from experts and experienced testers.
“It allows you to improve your soft skills through communication, report writing, and team updates.”
So how does someone be successful in the Core? According to Bothra:
Never ghost your active pentest engagements.
Be active in the pentest engagement and keep track of activities like issues reported.
Post your team updates promptly. You can create a recurring reminder in your calendar if you forget to post one.
If you are stuck somewhere, don’t wait for someone else to highlight it. Reach out to your lead first and if required, reach out to the client.
Collaborate and take part in team communication.
What’s next for Harsh Bothra? Continuous learning, especially in more sophisticated areas like Web3 and Smart Contract Audits. He also plans to create more educational resources to inspire beginners and himself.