Summary 2024 - Security, business and life

A few years ago, I noticed a trend on LinkedIn where people shared yearly reflections. Inspired by that, I’d like to share my experiences and achievements from 2024. This year, I focused on setting and working toward half-year goals. Here’s a summary:

Accomplished Goals

Security Achievements

  • Discovered My First CVEs:
    • CVE-2024-2759:
      An improper access control vulnerability in the Apaczka plugin for PrestaShop allowed unauthorized access to information from saved templates. This issue affected versions 1 through 4.
    • CVE-2024-7127:
      A vulnerability in the Stackposts Social Marketing Tool allowed a Cross-Site Scripting (XSS) attack via malicious input in the username field during registration. Despite repeated attempts to contact the vendor, no response was received. This vulnerability likely affects all versions of the tool.

Business Ventures

  • Started two SaaS projects. Unfortunately, both ventures eventually stalled, but they generated some revenue and valuable experience.

Fitness

  • Achieved a personal best of 170 kg deadlift.

Goals That Fell Short

Fitness

  • Bench press goal: 130 kg (reached 120 kg).
  • Squat goal: 140 kg (reached 110 kg due to a knee injury).

Bug Bounty

  • Participated in several bug bounty programs (5–10), but the complexity of large systems proved challenging. I did, however, identify a bug in a popular service—unfortunately, it was not exploitable.

Highlights of 2024

  • Participated in CyberAdvent with “Not The Hidden Wiki.”
  • Earned a master’s degree.
  • Started an open-source project: ps-scan for PrestaShop vulnerability scanning.
  • Joined the SecFault team and participated in several CTF competitions:
    • hxp 38C3 CTF
    • BackdoorCTF 2024
    • SECCON CTF 13 Quals
    • GlacierCTF 2024
    • 1337UP LIVE CTF
    • BlockCTF 2024 (Formerly SquareCTF)
    • BlueHens CTF 2024
  • Achieved a significant milestone at work: doubled revenue compared to last year, reaching 400,000 PLN.

Goals for 2025

  • Launch a startup and create my own product.
  • Find bugs and claim bounty rewards.
  • Perform my first commercial penetration test.
  • Focus more on building my personal brand.
  • Fitness goals:
    • Bench press: 140 kg
    • Deadlift: 200 kg
    • Squat: 130 kg

Here’s to another year of growth and achievements in 2025! 🎉

Jakub Przepióra

my image

By TheMrEviil, 2025-01-03