How to Become a Qualified and Professional Ethical Hacker; Bug Bounty Hunter

Hackers are normally supposed to be considered the bad guys, but Ethical Hackers are actually the good guys like a cop you know who thinks like a robot in order to catch the robot so Ethical Hackers are trained professionals who are hired by companies to hack into the networks and find the loopholes in their systems and try to give some solutions for the loopholes in the term Ethical Hacker sounds like an oxymoron.
But it’s actually not the greatest part of my job is meeting new people finding solutions to their problems at the workplace finding solutions for the application security traveling all around the world dealing with new technologies day by day and best part is to prevent fraud from happening in all around the world by using a software and guiding people how to prevent fraud from happening just need soldiers to fight soldiers you mean hackers to fight hackers.
There are basically three types of hacking categories and three. but in the first is the white hat then only the good guys down on the ethical hackers who you know, what train like a hacker to hack into companies networks find solutions find the loopholes and interview fixes for the loopholes come into the second one is a black hat he’s the bad guy you know who actually has information for profit you know he can either have that information for profit or you can hack that information you know publish it online it can then be used by the good guys as well as the bad guys.
You know for mr. for whatever the third category is a great hat the great hats are mischievous people who just want to do not play around with websites want to be in some text here and there and certain websites you know basically do stuff for fun but their intentions are never bad there are various kinds of attacks that happened into his world in reality would just go to a few of them the first is a man-in-the-middle attack what happens in a man-in-the-middle attack is when a user for example if you are logging in to your bank account there’s a back to the bad guy sitting down somewhere, you know who’s sitting in the middle he’s a black hat he’s a hacker who actually tries to get your session get your information so when you’re trying to login to the bank you establish a secular session to the bank.
What this hacker does is he tries to split this TCP session into two parts one between you and him and the second between him and the bank so what he can exactly do with this information he can actually modify the values.
A similar kind of attack is a man in the browser attack or what happens in a man in the browser’s you see with various emails you know forwarded emails from your friends or from some unknown sources with some point pitchers are some Yahoo – about some tools to be installing 32 about to be installing a machine or some screensaver to you go and you will go ahead and install them what happens is actually our toes in sitting in the background which you know is getting all your information right formula your account your windows password to your mac password to your bank account details it’s capturing all the information and it’s passing that information somebody else.
What also the children can do is that frozen can modify those values same as the Manimal effect and he can modify these values and change the transaction to some other , and the kind of attack is called as a boy the browser txt what happens the boy in the browser attack is of a user when she loved into the bank account he suddenly sees a page pop up nothing no please update your details with your current address your password to your identity of residential address and everything so you can actually go ahead and you enter leaders but actually that that information is getting it getting readout it to a proxy site and that is not at the bank that’s not the bank’s website that’s actually a hacker’s proxy site and all that information is taken to his side hackers never sit on computer it’s either done by a social engineering the term social learning is nothing but you know getting information from your colleagues from your friends what is password what kind of phosphor be try to brute force into the account of forcing is of trying different permutations combinations of his password and trying to get into the system.
Sometimes you can go to get your password so you try the secret question tried one so what is your mother’s name so that’s the normal type of group for that happens in Pakistan or India at least and that’s how though your email account or your bank accounts are broken too right now all the banks are employed in played two factor authentication.
Two-factor authentication is not static pass with the aerodynamic passwords they always change from time to time so there’s no way anyone can guess your password all these changes, oh so hackers normally you know the building exploit expert is nothing but a piece of code or software that you know sits on your computer or sent to you by email and then you click on that software and and you know that software will exploit that vulnerability a very interesting and funny thing happened to me this interview.
I’m Big Apple fan so I recently received an email saying that you know you’re getting an iPhone fall in so-and-so price conference website so i like a fool and on that website is actually a chinese website. I’ve been a website and I look at the price and it was quite attractive and I was dying to buy that phone because you know that are just launched in and I’m a big Apple fan.
I’ve been to the website they asked me to register when I just said I just entered my email address that was it I didn’t enter my credit card because nothing the moment I entered my mother’s and register for it. I got a confirmation mail think that not all registered you can go ahead and book i was i’m actually lucky not go ahead and book the iPhone 4 on that website after a couple of days some friends called me up saying that very same meals from your comment saying that i have bought new iPhone 4 why don’t you go ahead and try this site and I actually look at the meals my account was hacked and their emails being sent from my account they’re saying that Lloyd has bought an iPhone 4 from Center site why don’t you go ahead and buy any person can be don’t get into this field he just have to have the love for computers love for technology love for solving problems and have the willingness to sit and always update themselves because hackers the bad bad guys always think out of the box.
So as an ethical hacker you to have to think out of the box you don’t have to keep on updating yourself you have to always you know being that learning more cells nine more and you know get out on the internet loan new technologies be willing to you know adaptive technology from time to time you have to be a you have to be a graduate to become to get into the security field because most accomplished today want some degree in hand for the wait for the person who would be able to employ and of the graduation stream doesn’t matter a different code seven in the market this course called CH is the most widely recognized course at the full form of CH a certified ethical hacker.

How to become a Bug Bounty Hunter

While you’re learning it’s important to make sure that you’re also understanding and retaining what you learn. Practicing on vulnerable applications and systems is a great way to test your skills in simulated environments. These will give you an idea of what you’ll run up against in the real world.

  1. bugcrowd.com
  2. hackerone.com

Back to top button
Close