Did you know that a Pakistani hacker is the third most top ranked bug hunter in the world? And that same Pakistani has been ranked by HackerOne (a vulnerability disclosure company in California) as the 11th most top-rated hacker in the world currently?
That guy is Shahmeer Amir, a Multan-born Pakistani national who has earned $150,000 in total bounties by reporting bugs to 300+ global organizations. Some of these organizations include Facebook, Microsoft, Google, Yahoo, Twitter, LinkedIn, Dropbox and many more. All of this in just 2 years time.
Shahmeer Amir – the 3rd most top-rated bug hunter globally
And whats’s more. He’s currently in charge of coming up with initiatives to better secure the Pakistani cyberspace from internal and external threats. If that wasn’t enough, he has also been invited to the DefCON event by HackerOne, the biggest hacking conference on the planet.
Pretty impressive resume wouldn’t you say? And he has achieved all this at the ripe young age of 21!
ProPakistani recently sat down with the hacker-extraordinaire, and trust me when I say that we were most curious about how an exceptional talent as Shahmeer Amir’s has come along so long without as much as a spotlight from the Pakistani media.
Q: Hi Shahmeer. Let us state right off the bat how excited we are to interview you. Can you tell us and our readers about your early life and schooling?
I was born in Multan, moving to Karachi with my family when I was 13. I did my primary education from the Rangers Public School, and subsequently did my Intermediate in Engineering from a Government Degree College in Gulshan-e-Iqbal. After that I finally did my Bachelors in Electronic Engineering from Hamdard University on scholarship.
Q: How did you get into hacking? Was it natural for you or did you accidentally discover it in your later life?
I was always interested in learning about computers from as long as I can remember. I remember when I had a Pentium 3 computer, I always used to encounter different problems while using it. It could be software issues, BSODs, Registry errors etc and I used to solve them by Googling solutions and fixing them by myself. That was how my technical problem solving skills nourished.
One day at my University, there was a seminar on Cyber Security going on. My curiosity got the better of me and I attended it. I’m glad I did, because even though I didn’t know it at the time, that was a turning point in my life.
I started my formal research after that. I learned using online resources and tried to learn more about this field. It was hard, considering I was from a non-core computing educational background. But with dedication and hard work and of course, my motivation to learn more, I found myself diving into the world of white hat hacking.
Q: Let’s take a moment here. When you talk of white hat hacking, is this the same as ethical hacking?
Yes, it is. In fact, my primary role has been to discover exploits in products and services that we use in our everyday life. After I identify a security risk, I contact the people behind the product and they resolve the complaints. As an information vulnerability researcher, they acknowledge my efforts and even pay bounties after successfully resolving the exploits.
Q: I’m curious about the bounties though. And I’m sure our readers are too. Can you share some details regarding them?
Well I have reported bugs for 300+ global organizations, Facebook, Microsoft, Google, Yahoo, Twitter, LinkedIn etc. I have earned about $150,000 in total bounties and donated about half of them to emerging causes around the world and people that contact me individually.
Q: That’s pretty impressive Shahmeer. But I must say, you’ve proven to be quite philanthropic with your efforts as well. I was thinking if we can take a detour and focus on the non-hacker side of you? Like what are your favorite movies or TV shows?
Well, I don’t have a favorite movie, but I like The Shawshank Redemption. As for TV, I like Prison Break and Person of Interest a lot.
Q: What is your view about the state of cyber security education in Pakistan?
I think that there should be more of such Cyber Security training centers in Pakistan that are legitimate ones and that actually help youngsters develop a skillset rather than fool students, I myself have been a victim of counterfeit education and self learning was my only chance
Q: I’m seeing a theme here about breaking out. Sounds like something a hacker is always thinking. Person of Interest was amazing in its depiction of artificial intelligence and how they can control the world.
My favorite character was Root by the way.
Q: How apt. Seeing as she was a superb hacker in her own way. You’ve got a favorite personality or book?
I like The Kite Runner by Khaled Hosseini and as far as personalities go, I’ve always been inspired by the fighting spirit of Muhammad Ali.
Q: Thank you for a most candid interview Shahmeer. As we conclude this interview, let our readers know what you’re up to currently.
Nowadays, I’m in Lahore, managing my own cyber security startup Cyphlon with a team of 6 people besides me, under the stewardship of Plan9, Punjab IT Board (PITB). We regularly discuss ideas about how to solidify the defenses of the Pakistani cyberspace and IT companies.
Q: One last question. What’s your advice for people here who want to venture in your footsteps?
Hackers in Pakistan should focus on learning more initially than earning. That’s my belief anyways and it has helped me immensely.
I see many researchers going towards earning $$$ before they even know the basic architecture of a web application, Don’t make the mistakes I did in the past, I had to earn my respect back by working twice as hard. Work hard, learn before earning and donate generously, it will help you achieve countless blessings.
We really wish Shahmeer  Amir all the best in the future and hope that others are inspired by his example. You can check out his profile at Twitter: @Shahmeer_Amir and his website.
To find out more about his work, check out these resources:
- GetWhiteHats.com
- BugCrowd.com
Mashaa Allah
Inspirational. Can you please tell us which online courses you took?
I took no direct course
How i contact you
how can i contact u ???
The title should be “One of the World’s Best *Ethical* Hacker is from Pakistan & Has Earned Millions”
*White hat to be exact.
Gulshan College ka parha hua hey.,., :D
Safari park mey kitna time guzara hey.,., ProPak ask this as well :P
safari park ki ataa hai sab
Hahahahhahaa. Gulshan College main parhty huey bhe Safari Park main wqt nahi guzara tabhi tou aagy nikal gya :D :P
focus on learning more initially than earning
Inspirational!! Time to find vulnerabilities on Propakistani :P
Finding bugs and fixing them is a also a skill of mine. I have found a bug on google. Where do I report it?
i report bugs all the time when my PC crash, i automated my coding process long ago, so it just ask me if i want to report this bug or just pass on.
you know the thing is i dont really remember the coding of it anymore, cus i’ve been playing pokemon go for too long, since my automated bug reporting program worked by itself. ;)
it’s not even profitable, so you should pass on too. and read this https://goo.gl/Puuq7o
RIP English
Look! Jaanu German is here. (Kidding)
Getup propakistani Qandeel has been killed!!!
hahahaha… kia time pe bat ki ha
Among a very few peeps from the sea of security charlatan who know their stuff. Good lad (Y)
His story should be spread in different forms and social media.. He is and can be inspirational to many young guys out there to spend your time constructively and learn and learn more to improve your knowledge.
Appreciate your kind words
Mashallah, wish you more success!
It means “First Learn and then remove the “L”. L – earn. Very Inspirational Shahmeer, I would love to meet you when I visit Lahore. Keep Pakistani flag high ;)
Great Shameer …………….. Serve the nation with full potential and highly mechanism and never give up the donation element in your life, which will make you enormous achiever in both lives. Thanks
Good Work Shahmeer, Positive thing is you being on the Legit Hacking. Keep it up and keep making your Country proud.
please hum ko b 3 month ka course kra do wesy me b kisi sy kam nai
I am computer enginner my name luqman ahmad
Shahmeer is an inspiration to all Pakistanis!
salam I am in trouble is there nay body plz help me abt facebook hacking am in trouble
Hi bro please hack 8 ball pool cash and coins for me please plaese my username is (fshnxbkdd) please please u r expert u r great please please hack for me
Real treasures and gems of Pakistan Not the one who made offshore comapnies or follow false legacy of their Grand Parents.
Good luck for the future!!!
May Allah gives you more success.
zraa mujhe toh btain ye kia hai
Bhai mere pas toh Call ka software bhi hai Dunia min kisi ke bhi Number se kisi ko call kar sakty hain bhai meri kahin job hi lagwa do yar :P mein har tarha ka software bana sakta hon ( [email protected] ) 03072797126
i’m certified ethical hacker .. need job …
ja k pogo dhek
I have got an approved Canada visa UCI 61439104 Application no: V316457562
nice
“>
Shahmeer Bhai please contact me, i want to have a talk with you
Proud to Be Pakistani :)
Love Your Confidence Bro Keep Going! :)
Sir i need help about hacking please contact me
Need help about EH
A very inspirational story.