On a quite regular basis we receive applications for jobs, diploma theses or internships. Seems like we are doing an
Most of these applications reach us via e-mail and have a CV and references attached. As pentesters we tend to examine these documents closely, so here are some examples of what you should avoid if you plan to send an application.
First of all: Do not send DOC Files:
DOC Files are not considered appropriate as e-mail attachments. Hackers are usually aware of this.
Ok, so you send a PDF file:
Now, remember to also embed the fonts you used! If you use Windings, do not expect my linux box to know about it.
Also, do not forget: Not only Word files can contain hidden information. A closer look at some PDF shows:
With the help of the “strings” command we can see for example all the names of the included files. This is bad if it reveals the names of other companies that also got the application.
Lastly, a non-technical hint: A list of every hacker tool that you know does not tell us anything about your skills.
Do not misunderstand us though. We appreciate every single application! So if you think you would fit into the team, go to our contact page and send us an e-mail.