Tuesday, 19 June 2012

TL;DR: follow @pntstr for an interview question per week

I have been working on a new project: PNTSTR, if you're trying to hire people in the security industry, you probably already felt the pain of endless interview with people you know you won't hire pretty quick... I just wanted to avoid this by creating an easy first filter. Basically, it's just a simple web application to ask questions to interviewees and score them...

*BUT*, I had/have 2 problems:
  • Getting publicity is hard, it's a niche solution for a niche market, so you need a lot of people to get to the site before getting clients.
  • It's really hard to have good questions, you need questions that are not too easy and not too hard (ie: 100% or 0% success rate questions are useless...)

How to fix this? Web 2.0 to the rescue !!!

My idea to solve both of this problem is to use twitter, and create a twitter bot. This idea comes from inspire9's twitter account: @inspire9. When you start following them, they send you a direct message:

When I saw that, I thought it was pretty cool and I wanted the same thing (but didn't find a reason for it until now).

As a curious person, I love to learn new thing and I think a lot of people in this industry are the same (I hope at least)... So I decided to put together a weekly question and provide the answer with explanation. 

How it works... If you start following pntstr on twitter, pntstr will start following you back (good way to get a new follower...) and send you a direct message with a subscription link. If you subscribe, you will get a weekly question by direct message. You can then click the link in the direct message to see the question, once you submit your answer, you will get the answer we were after and some explanations.

So to try it just start following pntstr ;)

But what happens if people keep all the answer and build a script to answer automatically to the website? 
To be honest, someone doing that deserves an interview ;) Furthermore, interviewers are able to put their own questions in the site... PNTSTR's questions are just here to provide something to begin with.

But what if people cheat?
Pentesting is cheating... someone doing that deserves an interview ;)

Do you keep stats per follower?
No. Just stats per question.

