I’m not a big fan of live hacking events and even live CTFs. I’ll get to WHY in a moment… but first, I’d like to show you the catalyst that triggered me to write this post.
It was because of this tweet I recently saw from @zseano:
Sean is a well-respected builder and breaker of web apps. He is the creator of the BugBountyHunter.com community and author of many hands-on hacking labs that many in the hacker community use as they begin their journey in hacking.
He’s a good dude. Accomplished. Skilled. And human.
This gets me back to why I look unfavorably at live hacking events like HackerOne’s #H1407. If it were the opportunity to get together with fellow hackers, learn and have fun while hacking and helping to harden a target, that would be one thing.
Stok seems to have figured out that approach when he used to attend and share his experiences at such events. (I miss your vids dude… we need to see another SSRF hotdog caper with Ben 🙃)
But when an event morally tears you down and makes you doubt your abilities as a hacker, the gamification and expectations of the leaderboard are more destructive than they should be.
Don’t get me wrong. I get the value of competition. But when it can amplify the feelings of self-doubt, you get into a totally unnecessary mindf*ck. And it gets worse when the others in the competition, and the organizers themselves, expect you to do well during the time-boxed event because of your past experience.
At some point, we all feel that sort of pressure and have to battle the demon of self-doubt.
There is a term for that… and it’s imposter syndrome.
For the rest of this post, I want to help anyone who reads this to learn how to identify and embrace imposter syndrome.
What is Imposter Syndrome, and why it affects so many hackers?
Imposter Syndrome is the feeling of being a fraud or not good enough among your peers. It can be triggered by self-imposed expectations, external pressures, and even comparisons made to others.
(See how this relates to these live hacking events and CTFs?)
Though it’s more commonly associated with women and other minorities in tech, Imposter Syndrome affects everyone – including hackers. This could be because of the relative anonymity that hackers enjoy, coupled with the fact that we often work in relative isolation.
The nature of hacking also lends itself to self-doubt because it’s a field that is constantly evolving and full of uncertainty. It can be difficult to know if you’re doing something wrong or not, as there isn’t necessarily a right or wrong answer when it comes to hacking.
That uncertainty can cause a great deal of anxiety and fear, which then manifests itself as Imposter Syndrome.
Identifying the signs of Imposter Syndrome
The first step in overcoming imposter syndrome is recognizing it for what it is – that feeling of inadequacy and self-doubt.
Here are some signs to look out for:
- The feeling of being overwhelmed by the task at hand
- Fear of failure or embarrassment
- Constantly comparing yourself to others
- Difficulty accepting compliments from peers
- Inability to take risks due to fear of judgment or criticism
- Low self-confidence
If you’re experiencing any of these symptoms, then it’s likely that you’re dealing with Imposter Syndrome.
Overcoming self-doubt by embracing failure as part of learning
The good news is that once you’ve identified the signs of Imposter Syndrome, there are several steps you can take to overcome it.
One of the most important things you can do is embrace failure as part of learning. This means that when you make mistakes or don’t quite succeed at something, it’s ok – it’s a natural part of the process and an opportunity to learn and get better at your tradecraft.
It also helps to have someone around who can provide support and encouragement when you’re feeling discouraged. It’s important to have someone who can help you regain your sense of self-confidence and remind you of your own personal achievements.
Finally, it pays to celebrate small wins and milestones – no matter how small. This will help to boost your self-confidence and remind you that you are capable of achieving success.
Developing a growth mindset to help build confidence in your skillset
Another critical step in overcoming Imposter Syndrome is developing a growth mindset. This means believing that you can learn, grow and develop – no matter how long it takes or what obstacles stand in your way.
When you have a growth mindset, you are open to trying new things, learning from mistakes, and generally pushing yourself further than before.
When you embrace a growth mindset, you can start to accept that imposter syndrome can be a healthy signal. It means you are stepping out of your comfort zone and evolving into your next-level self.
And that’s a good thing.
Practical steps to take when feeling overwhelmed or discouraged
Finally, here are some practical steps you can take when dealing with Imposter Syndrome.
Take a break: When you’re feeling overwhelmed or discouraged, it’s important to take a step back and give yourself time away from the task at hand. Taking regular breaks will help you recharge and gain distance so that you can return to the challenge with fresh eyes and a renewed sense of perspective.
Set realistic goals: It’s important to set realistic goals that you can actually achieve. This will help to boost your motivation, confidence, and belief in yourself. Remember, your goals will be different than the hacker next to you (regardless if it’s meatspace or cyberspace). And that’s OK. Everyone’s journey is different.
Stay connected: Reach out to other hackers who are facing similar struggles – connecting with others who understand the issue can be a great way to find strength and support. Don’t have someone? Reach out to me. I’ll listen.
By following these basic steps, you’ll be well on your way to overcoming Imposter Syndrome and building greater confidence in your own skillset. After all, self-doubt is only a roadblock if you let it be – with the right mindset and practical tools in place, you can transform it into a powerful source of motivation.
So, go ahead and start embracing your inner imposter!
Imposter Syndrome can be a difficult and challenging obstacle to overcome. Still, if you take the time to recognize the signs and develop practical strategies for turning those feelings into motivation to achieve, you’ll find yourself better equipped to handle future challenges – both in your professional and personal life.
It took me many decades to realize this. Learn from my mistakes and embrace it early in your career. The only person you need to compete with is yourself. Are you getting better? Did you learn from an experience where you didn’t win? Then you are progressing.
You’ve got this. And you know it. You don’t need to have a leaderboard or bug bounty tally to prove your worth.
With a growth mindset and self-confidence in your skillset, you can start to reclaim your power and take on the world. So what are you waiting for? Start embracing your inner imposter today!
If you found you could relate to this post and maybe even found it helpful, then you’re my kind of peeps! Why not join me in the API Hacker’s Inner Circle (my weekly newsletter), where you can track my work and methodologies around API hacking? I’d ❤️ to have you join the community and share your own experiences as you journey through your own work.