General information about making a profit from hacking
Section A. - Answers
Q: What’s ethical hack about?
A: Based on google, Ethical hacking involves an authorized attempt to gain unauthorized access to a computer system, application, or data. Carrying out an ethical hack involves duplicating strategies and actions of malicious attackers.
Section B. - Bounty
Q: Which companies are paying for this?
A: Every company looking to improve their security. “BUG Bounty” is the term that we’re talking about and if you consider the future, every company it’s moving to e-sales.
Two companies paying for vulnerabilities.
HackerOne
BugCrowd
Section C. - Basic knowledge
English (language), Basic HTML - JAVASCRIPT - PHP, and you should know about programming. YouTube can teach you this part.
Terms like: WEBSITE, ISP, DNS, IP, SSH, HOSTING, DOMAIN, COMMAND, etc..)
Recommendation: Use Linux (Kali, Parrot, Black A).
Section D. - Courses
Section E. - Resources
PentesterLab: Learn web penetration testing.
Pentester Academy: Same as above.
Some current methods and vulnerabilities:
SQL Injection Attack
XML Entity Injection
ClickJacking Attacks
Resource Injection
SMTP injection
etc..
Section F. - Blogs and communities (where you can navigate in).
To avoid conflicts with Cracked rules for posting other websites, This section will be sent to those who like+ rep+ dm+. I assume only the most interested ones will respond to this Section, so keep scrolling down please.
Section G. - Penetration Tools.
bucket_finder
GoogD0rker
WaybackMachine
waybackurls
Sn1per
XRay
wfuzz
patator
datasploit
hydra
changeme
Gitsecrets
Apktool (INSANE - CHECK IT)
dex2jar
sqlmap
dnscan
Knockpy
Sublist3r
massdns
[nmap](http://%20https//nmap.org)
masscan
EyeWitness
DirBuster
dirsearch
Gitrob
Section H. Practice
Section I. - Steps
1. Go to BugCrowd Or Hacker One.
2. Pick a program
3. Confirm if you can do what they want and start working on it.
4. Fill the report.
5. Get paid.
Section J. Report
Bug submission examples and methods.
Credits - Unknown