About Me

YoKo has spent more than 13 years (from total of more than 16 years) in information security field, focused in risk from security testing point of view. He has served in technical roles as technical lead security consultant for many security testing projects in financial industries, healthcare, distribution, logistic, manufacture, mining, and pharmacy.

In addition, he has also conducted several researches with his colleagues to find security vulnerabilities inside web, mobile and desktop applications. Adobe, Apple, Avast, Blackberry, FireEye, FortiNet, Lenovo, McAfee, PayPal, Samsung, and TrendMicro are some lists from his researches that has been acknowledged and some of them can be seen on his personal blog at http://firstsight.me or https://medium.com/@YoKoKho

With the permission of Allah, in October 2019 (with Faisal Yudo), he managed to create an ebook that readers can use to study the topic of Web Application Security Testing (from a bug hunting point of view). Equipped with very basic explanations, this ebook also covers various techniques (recon and attack) with real cases from around the world. https://leanpub.com/bughunting101 (Available for free).

He has also been recognized as one of Bugcrowd’s MVP Researcher – one of the world’s leading bug bounty platforms – Period: 2018, (Q3 & Q4) 2019, (Q1, Q3, & Q4) 2020, Q1, Q2, Q3, Q4) 2021, and 2022 (1Q).

And as of 11th Jul, 2021, Bi’idznillah YoKo reach top 40 (rank #37) at Bugcrowd – https://bugcrowd.com/YoKoKho.

Reach YoKo at: Twitter | Linkedin | Email: yk[at]firstsight.me

Professional Certifications:
OSCP – PWKv3 (Offensive Security Certified Professional)
CRTO – Certified Red Team Operator
eCPTX (eLearnSecurity Certified Penetration Tester Extreme)
eWPTX v2 (eLearnSecurity Web Application Penetration Tester Extreme)
ISE (Apple iOS Application Security Expert – PentesterAcademy)
CEI v2 (Certified EC-Council Instructor)
CEH v10 Master (Certified Ethical Hacker)
ECSA v9 (EC-Council Certified Security Analyst)
CND v1 (Certified Network Defender) – pre-selected CEI (CEI Initiative)
NSE 1 Network Security Associate
NSE 2 Network Security Associate
LPT Master (EC-Council Licensed Penetration Tester)
LCSPC (Certiprof Lead Cybersecurity Professional)
CSFPC (Certiprof Cybersecurity Foundation Professional)

Additional Notes:
Since there are few social media accounts that showing up as “YoKo Kho” or “YoKo Acc”, then here is the clarification about the list of social media accounts that I have. Please kindly note, I have no other social media accounts except:
Twitter: @YoKoAcc (public) / @yokokho (private)
Medium: @YoKoKho
Youtube: /channel/UCRd846B8EyUROUSeA9da_xg
Facebook: /yoko.kho (inactive – restricted from public)
Google Plus: /+YoKoKho (inactive)
Instagram: @yoko.kho (inactive)
YourAcclaim: /user/yoko


You may also like...