Testing Skills Learnt to Find Weakness's
So i have been going through all the post's on here and practicing on some computers mainly mine, family and friends and learned how easy it was to gain access and browse all files access camera and microphone... but my question is how do i test other services for weakness's ? you hear about people finding bugs in facebook's server and getting rewarded etc.. is it just a matter right "lets sit here and hack facebook, if i get in woohoo (what to do now share or report)"... or is they something else ??? sorry about the dumbness of the question, i just want to take what i have learned into the real world and find weakness, but dont want that weakness to be a honeypot as such and im caught up in a big hacking scandal and spending the rest of my life in jail..