Related Posts Plugin for WordPress, Blogger...

Mohammad Chose Blogger, I Chose Hacking

An inspiring story by Rafay Baloch from RafayHackingArticles. Dating back to 2009 when I first met this guy.  


blog or hackWell, this post is not  an ordinary one that talks about "Making Six Figure Income Online" or making millions from blogging, it rather contains some interesting piece of advices for Novice Bloggers and also the Ninjas out there who are struggling hard to survive online.  It all started, when Mohammad and I met back in 2009 in a Snooker Club. We both were interested in blogging and Internet Marketing, so we therefore had arranged a meeting in order to share our existing blogging strategies.

A Challenge that Changed our lives

No work looks interesting unless you are fueled with the requirement amount of passion and motivation. Our meeting did not only increase our learning but set us viral with new online goals that were yet to achieve. We had a long argument about blogging niche. Mohammad was in favor of a niche that was well accepted by Ad networks and that guaranteed great reputation online both in the eyes of search engines and readers. He hated and still hates niches that promote explicit, racial, political and malicious content. Hacking according to him was a topic that could never be accepted online by sponsors, no matter how pure or ethical it may get. To some extent, all that he believed was true and still holds it sanctity. My blog on hacking never succeeded with Adsense, Infolinks or BuySellAds.  So my earning from all these sources were nil despite receiving millions of views per month and with over thousands of readers (23K RSS Readers + 18K Facebook Fans).

On the flip side, my opinion was that one could blog on anything he likes even hacking as long as he know how to market things properly. For me, security related stuff is no less than an addiction. I could not give up with the blog just because Ad networks were not accepting my niche.

Mustafa challenged that I could not make any kind of profit from my hacking blog, On contrary I challenged him that it's not possible to take MBT to the next level with so many Competitors around who are continuously publishing tons of widgets, templates and blogger related tutorials. I also challenged him that your blog will never get below 10k Alexa because it requires a lot of Traffic momentum. I still remember Mohammad's blog was having 100,000 Alexa rank at that time. Mohammad on contrary argued that almost anything could be achieved as long as you serve the blogosphere with something new and fresh. About Alexa, he quoted its all a game of playing with algorithm.

So, we both started working harder to prove our claims. I was earning nothing back in 2009, so I decided to study the strategies used by Six Figure Bloggers to make money online. I subscribed to all the big blogs and read their e-books, here is the interesting part of all of them, they never relied upon Ads! AdSense was never their primary earning source and most of them even didn't even use AdSense. If you observe their blogs [John Chow (Johnchow.com), Darren Rowse (Problogger.net),  Neil Patel (Quick Sprout)], you will find no Google Ads. They work on a more interesting strategy that is no less than a magic ball for many professional bloggers today.

 

So, How Did They Made Money?

 

You might be wondering that how do they make Six Figures from their blog without using adsense, Well their are a lot of answers to it. Mainly, they focus on two important things:

1. Building Readership

2. Selling Product.

 

1. Building A Readership

 

If you have a good readership you are not at the mercy of  Google, John chow's blog was really affected with Panda and Pengiun, but his earning did not drop, because he had built a strong readership. He has more than 250000 active daily visitors on his blog. Take a look at problogger.net, His blog has more than 168k daily RSS Subscribers, 178k+  twitter followers, so even if Google knocks his blog completely off, he would still make a decent amount of money. That's one reason why Mohammad emphasizes on the importance of Readership so much.

2. Selling The Product

 

Now all of these Six Figure bloggers have something in common, they have their own product and they are using their readership to market their products, Even if 10% of their readers buy their products, it's enough to make them more than Six figures. Along with it, you would see all these six figure bloggers, market each other's product. Which also explains the idea of co-operation to make more profits.

So, I applied their strategies, I started with Affiliate Marketing, where I sold keyloggers, Spywares to my blog readers, by writing a review about all of them, I chose Clickbank and Plimus as a platform for Affiliate Marketing. I was earning pretty good amount of money each and every month by marketing other  products related to my niche. However, as the competition grew larger, every one started copying our ideas of marketing the same products, I saw a significant drop in my earnings. So I used their second strategy to create my own Product.

Around August 2010, I finished writing my first eBook "A Beginners Guide To Ethical Hacking", and managed to launch it that very month. Next, I used their first strategy of building a readership, i started writing articles frequently and saw a significant increase in my blog's traffic, Next i started interacting with bloggers in my niche, i offered my affiliate program to the people in my niche. To bloggers with significant traffic, I offered them 60% of the share and to small scale bloggers I offered 50% of the share. After few months i had more than 100 affiliates, thus I started earning more!

Along with it, I signed up for advertising networks infolinks.com, chitika.com and sharecash.org, My traffic was more than 24k unique visitors, so I was making a huge profit with them.

But, suddenly things changed, I was struck with Panda effect, My blog's traffic dropped by 60%. I was also banned by infolinks, chitika.com and sharecash.org for serving hacking content. All of them asked me to remove the content, which i couldn't since i worked really hard on them. That's where Mohammad proved right to a bit. And all of sudden i was left at the mercy of my book "A Beginners Guide To Ethical hacking', So i stopped blogging for a month and started working on my new product, "Facebook Hacking Course", I finished it at the end of the month, Since my traffic was not really huge at that time, i did not had that much sales as i expected, but it was decent enough to make me good amount of money at the end of the month.

Next, i decided to write another free book, to convert my blog in to a brand, I wrote "An Introduction to keylogger, RATS And Malware" at the end of the year 2011. I promoted my affiliate products under that book and it worked wonders! That books are my biggest source of earning today along with an additional earning source called "Awards"

 

The Year 2012

 

Year 2012 was not a good year for me, I was struck with penguin effect, My traffic dropped again, So, i decided to work on improving my skills. I started writing more and more and on the other hand tried to practice what i learned. Around September 2012, I decided to take part in Bug bounty Programs and responsible disclosure programs of Internationally recognized companies like Microsoft, Ebay, Apple etc. The idea behind it is that you would need to find vulnerabilities in their websites and they would reward you for your discovery by either paying you a bug bounty or either adding you to a responsible disclosure page.

I started with Microsoft and got listed in it's responsible disclosure, The first listing was very difficult but it got easier and easier for me, I managed to get listed in more than 14 responsible disclosure pages within the time span of 3.5 months. Some notable disclosure pages are as follows:

Microsoft Security Researchers Award

 

I have been Acknowledged by Microsoft three times for findings various vulnerabilities in their websites:

http://technet.microsoft.com/en-us/security/cc308575.aspx (August)
http://technet.microsoft.com/en-us/security/cc308589.aspx (October)
http://technet.microsoft.com/en-us/security/cc308589.aspx (November)

Acknowledgement From Eset Antivirus Company

 

Dear Mr. Baloch, ESET Security team would like to officially thank for reporting security vulnerabilities on webpage www.eset.tw on October 14, 2012. We acknowledge that Mr. Rafay Baloch, RHA has reported following vulnerabilities: Stored XSS vulnerability SQL injection vulnerability Your information has helped us and our partner responsible for the site to improve security of online services and has prevented malicious exploitation of these vulnerabilities. As a part of official gratitude we would like to provide you license for ESET Smart Security. Please let us know the e-mail address where we can send You the license information.

s pozdravom /

best regards

Daniel Chromek

CISA, CISM, CISSP, MBCI Chief Information Security Officer

Adobe Security Acknowledgments

http://www.adobe.com/support/security/bulletins/securityacknowledgments.html

 

Ebay Responsible Disclosure Page

Reported an XSS in Ebay, bypassed their security filters to make the vulnerability work:

http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html

 

 

$5000 Award from Paypal

Update: The price Reward has been increased to $10,000 now. :)

I started participating in Paypal bug bounty program around the mid of September, I started hunting bugs, at first it got duplicate, however, one day while i was hunting for vulnerabilities  in Paypal, I managed to find a huge vulnerability in Paypal i.e. Remote Code Execution, which managed me to run any command on Paypal's Server.
Initially Paypal has payed me 5000$, along with 1000$ for reporting other vulnerabilities such as XSS and information disclosure. Here is the screenshot:

$5000 Paypal award

Along with it, paypal also offered me job as a security engineer a.k.a Security Ninja, However, I am not planning to work for them at the moment, as my bachelors is currently in progress.

job offer from paypal

 

So Who Won?

It's the last month of 2012 and around 3 years have passed since we first met. Fortunately neither Mohammad could prove me wrong completely nor I could win over him. He is now running one of the most widely read blogs in Blogging niche with thousands of followers, contributors, resources and amazingly a Google blog that has the highest Alexa Rank i.e 6K out of millions of Google hosted Blogs. MBT is the only unofficial blogger blog with the highest Alexa rank mashAllah. His blog is now DMOZ listed and a repository of hundreds of creative plugins and widgets. He is still a loving friend and a dedicated blogger.

On the other hand, I succeeded in keeping honor of my claim by turning my simple blog into a lucrative Online Income engine. RHA blog is now read widely throughout India, USA and Pakistan. All its earnings are from ebook sales, product reviews and affiliate sales, with not a single Ad from any of the widely renown Contextual Ad networks (AdSense).

I would accept today that hacking wont get you accepted with Adsense or Chitika but if its your only passion and you have a strong belief that your skills can contribute to the online community then just don't stop and give it a go. Search engines do index content generously irrespective of the niche. So blog on anything as long as you know how to market it.

Message To Upcoming Hackers

 

My message to the ones who have just stepped up in this field is that there is nothing wrong in learn hacking techniques, what makes it wrong is the way you use it. There is a misconception among people that hackers have good jobs overseas, this is all wrong, if you associate the word hacker with your name then no organization will hire you. As they would think that you might be posing risk to their organization. Don't run after fame, it will just be for sometime.
Instead if you are really interested in pursuing your career in information security, I would suggest you to build your skills. Go after some certifications such as CISSP, CEH, CPTE etc. And start using your skills to help organizations make themselves secure, by reporting it to them.

Final Advice

 

My final advice to every one is not to run after money or fame, It will eventually come to you, Just focus on building your skills. Neither Mohammad nor I blogged for income, what we aimed at was readership. People follow you only when you offer something worth reading. I wish you all the best with your future endeavors and hope that this little post may motivate you to trigger your online journey right today. Jump inside the ring to battle the big giants out there who are still missing a great contender. Leaving you with this beautiful quote. 
Fame is a vapor, popularity an accident, and riches take wings. Only one thing endures and that is character. – Horace Greeley

Facebook Comment

Blogger Tips and TricksLatest Tips And TricksBlogger Tricks