So i have been going through all the post's on here and practicing on some computers mainly mine, family and friends and learned how easy it was to gain access and browse all files access camera and microphone... but my question is how do i test other services for weakness's ? you hear about people finding bugs in facebook's server and getting rewarded etc.. is it just a matter right "lets sit here and hack facebook, if i get in woohoo (what to do now share or report)"... or is they something else ??? sorry about the dumbness of the question, i just want to take what i have learned into the real world and find weakness, but dont want that weakness to be a honeypot as such and im caught up in a big hacking scandal and spending the rest of my life in jail..
Forum Thread: Testing Skills Learnt to Find Weakness's
- Hot
- Active
-
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
23 hrs ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
1 wk ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
4 wks ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
4 wks ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
2 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
2 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
3 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
3 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
3 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
3 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
4 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
4 mo ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
5 mo ago -
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
6 mo ago -
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
6 mo ago -
Forum Thread:
How to Hack School Website
11
Replies
6 mo ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
6 mo ago -
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
7 mo ago
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Dox Anyone
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Get Root with Metasploit's Local Exploit Suggester
-
How To:
Scan Websites for Interesting Directories & Files with Gobuster
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Exploit Shellshock on a Web Server Using Metasploit
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Use Ettercap to Intercept Passwords with ARP Spoofing
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Hack and Decrypt WhatsApp Database (Remotely) [ROOT]
-
Hacking iOS:
How to Embed Payloads into iPhone Packages with Arcane
-
Hack Like a Pro:
Reconnaissance with Recon-Ng, Part 1 (Getting Started)
-
How To:
Perform Local Privilege Escalation Using a Linux Kernel Exploit
-
How To:
Advanced Techniques to Bypass & Defeat XSS Filters, Part 1
-
Hack Like a Pro:
How to Crack Passwords, Part 4 (Creating a Custom Wordlist with Crunch)
-
How To:
Scan for Viruses in Windows Using a Linux Live CD/USB
-
Hack Like a Pro:
Metasploit for the Aspiring Hacker, Part 6 (Gaining Access to Tokens)
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
2 Responses
This is a great question.
Finding security holes in large company's websites can be a gray area with a lot of ethical and legal questions that can arise.
Your best bet, especially as a beginner, is to stick to publicly advertised "bug hunts". Like United Airlines which recently awarded a bug finder a bunch of sky miles for a security hole that he found.
If you search the web, there are also limited time events to try to hack public systems to find weaknesses. Stick to those systems and there's no gray area.
Link.
ghost_
Share Your Thoughts