Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

Thread: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

  1. Black Oracle's Avatar

    Black Oracle said:

    Advice Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Do you know the differences between a whitehat, greyhat and a blackhat hacker?
    There is a big difference between all 3 types, and one of which you don’t mess around with.

    Normally, kids in their early teens start with ‘kiddie scripts’ which are basically what hackers have just posted on forums. But if you wanted to learn this area of cyber security you would need to know a lot more than proxies, TOR, VPN’s, etc. – are you safe behind all of these?

    Some of you, already know what I can do, so I’m not going down those paths again. I informed a guy a few days ago he had 4 critical exploits showing on his website, yet the company that was behind the script he was running had only patched their script a few weeks previously.

    So, where am I going with this, well if you want to learn hacking or become a candidate in Cyber Security (this is a very high paid job these days, and companies cannot even find suitable candidates) – you would benefit from a really good area of the web!

    I learned what I know mostly from self-teaching, but this way causes one problem, you don’t get the certificates that prove you can penetrate at various levels, whether on networks or directly to servers.

    Most companies offer you free courses these days, but charge you preposterous CHARGES for the certificates. Because I do a lot of resourcing every day I thought of you guys would benefit of practical online courses that are totally FREE, and also gives you the certificate for FREE, so you can show these in your LinkedID profile, or with your CV. Either way it will give you a lot more knowledge, and hands on experience of security online. I could list well known groups behind these companies, but you’ll probably find out anyway as you if you do any of these courses!

    Cybrary Tag: @8lack0racl3

    Courses Available:

    [Only registered and activated users can see links. ]

    If you have no experience in IT at all, but you want to become a penetration tester, you should begin with the A+, then Network+, then Security+, then Ethical Hacking and then Advanced Penetration testing.

    This website has over 4 million members, and some of the groups that are well known used this site as a starting point, which gives you some idea, of what can be achieved!

    I hope this helps some of you, the US and UK are both looking for people that want to work in Cyber Security, and you are looking figures of around 100,000 people!! It’s an industry that is well paid, and worthwhile.

    The courses on Cybrary are enough to get you that dream job!

    Regards,
    Black Oracle
     
  2. Ashley's Avatar

    Ashley said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Great post and thank you for the links, I've never done anything like this but it does appeal to me.

    I will over the weekend take a better look and see what's available on there for me.
     
  3. piggzy's Avatar

    piggzy said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Page bookmarked.

    Ultimately we would all dream of hacking into our own bank accounts and doing something extremely illegal.
    I however would be more than happy with hacking annoying cunts Facebook accounts and fraping them.
     
  4. Ashley's Avatar

    Ashley said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Quote Originally Posted by piggzy View Post
    Page bookmarked.

    Ultimately we would all dream of hacking into our own bank accounts and doing something extremely illegal.
    I however would be more than happy with hacking annoying cunts Facebook accounts and fraping them.
    We all dream of doing this and just the chance to learn the basics is good for me.

    Are you thinking of trying any of them too?
     
  5. Black Oracle's Avatar

    Black Oracle said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Facebook, has not long paid a hacker $15,000 for finding a hack which would allow him access in to anyones account, he didn't need the password nor did he attempt to change them. At first he ran a test on the facebook development server, just to make sure it worked. Then he applied the same logic to the normal facebook servers, straight away he could login to anyones account - not even required password!

    He reported the exploit to Facebook, whom gave him $15,000! Many companies do this, it gives the hacker an incentive that he could be doing, by earning money from find exploits! They are not as difficult as people think, the depth that we can penatrate any site is not an issue, these days, the tests run at any single time is the main timing factor. Tasks are classed as 'Transforms' which is basically a set of instructions to run, multi-tasking, etc or a 'macro' are similar. It is the way all websites are checked, but in this case they are being investigated, these are normally 'mapped' out, so all servers connected to a domain can be found, including scripts that are being run, or even if a website is calling code from a repository, everything can be investigated including all MAC addresses.
     
  6. CzarJunkie's Avatar

    CzarJunkie said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Thanks for the recommendation. I have a question, in a previous thread you commented that Wordpress can have as much security as you like, but it's still easy to hack. Cybrary is built on Wordpress. Should I be worried that a company teaching me cyber security is using such a vulnerable platform?
     
  7. Black Oracle's Avatar

    Black Oracle said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    That is a very good question CzarJunkie, and most people wouldn't give it a second look!

    There are two main scripts that have bad security, Wordpress has come on better in the later years - the other script is phpBB the free forum script. Both of which are released under the GPLv2 (or later) from the Free Software Foundation, hence why hackers tend to ‘hit’ these scripts more than commercial equivalents.

    Now, Cybrary is built on Wordpress and there is another website that I know of that is built on phpBB. You would assume by using these well-known scripts that have been hacked so many times in the past, why would these two be any different.

    Even now Wordpress and phpBB are still constant targets for hackers, but not your average hacker, it is normally ‘Script-Kiddies’ using stupid tools they gain from ‘so-called’ hacking forums.

    You’re probably thinking so why haven’t these websites using GPL scripts targeted? The answer to that is simple, for a start they do not follow instructions by Wordpress themselves to update exploits found, the same applies to phpBB (I can’t name this site for a number of reasons! – they are also blacklisted). The teams behind these websites have altered Wordpress and phpBB in ways that standard hacking fails upon, because these guys update their scripts to suit them, and security being the main area!

    If you check the members on Cybrary you will see a figure growing closer to ½ million on a Wordpress website, that is some accomplishment in just over a year of being online, since January 2015! Now, compare this figure to a phpBB forum I am a member of, which is in excess of over 4 million members!! Now, this website is using off-shore servers due to content contained, therefore they do not have any laws that they must abide by, and they have been online for over 10 years! ISP’s have tried blocking them, but that is a useless exercise, when you can change it in a few seconds!

    But in both of these case stories you have one thing in common, and that is they are setup and recoded heavily on security.

    Here is a case study on Cybrary.it:
    [Only registered and activated users can see links. ]

    Chief Information Security Officer (CISO)
    The median salary for the position is $131,322, according to estimates for 2015 by PayScale. Large organizations may pay as much as $240,000 per year while some on the low end pay about $81,000. Would this not be a better salary than you are currently receiving?

    So, as you can see - the actual rewards for knowledge of this industry is very well paid, and on top of that you are looking at companies in the UK & US - that both have a shortfall of over 100,000 vacancies in this line of work!
     
  8. Over Carl's Avatar

    Over Carl said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    I wouldn't consider myself a hacker so I will give my opinion and state that I would be most happy to be corrected.

    I'm thinking a job like that probably wouldn't really work if it was considered just as a regular 9-5. For someone to actually prosper at that kind of work would require genuine interest and dedication which would drive continual experimenting, whether for financial gain or simply to expand knowledge on the subject. I'm just recalling my sysadmin days and remembering my home lab that I ran just because I wanted to. Edit: sometimes these tests included stuff that would probably come under pen testing, e.g. trying to run scripts against my own servers, trying to hack my wifi pw, setting up mitm against myself, etc. which I did for curiosity and to deepen my understanding even though it had not been requested of me by my employers.

    So I'm guessing most of the people well suited to this kind of thing will probably already be experimenting and training. For people like that, maybe these courses could help to further these experiments and skills. However I doubt someone who has never gone further than changing their SSID and password on their home router will suddenly be able to become a serious hacker even if they succeeded at all these courses you have kindly linked to.
    Last edited by Over Carl; 18th June 2016 at 06:33 PM.
     
  9. DavidF's Avatar

    DavidF said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Quote Originally Posted by Over Carl View Post
    I wouldn't consider myself a hacker so I will give my opinion and state that I would be most happy to be corrected.

    I'm thinking a job like that probably wouldn't really work if it was considered just as a regular 9-5. For someone to actually prosper at that kind of work would require genuine interest and dedication which would drive continual experimenting, whether for financial gain or simply to expand knowledge on the subject. I'm just recalling my sysadmin days and remembering my home lab that I ran just because I wanted to.

    So I'm guessing most of the people well suited to this kind of thing will probably already be experimenting and training. For people like that, maybe these courses could help to further these experiments and skills. However I doubt someone who has never gone further than changing their SSID and password on their home router will suddenly be able to become a serious hacker even if they succeeded at all these courses you have kindly linked to.
    They may not be able to play war games but with a tiny bit of dedication they may be able to get free netflix and the like.
     
  10. piggzy's Avatar

    piggzy said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Quote Originally Posted by DavidF View Post
    They may not be able to play war games but with a tiny bit of dedication they may be able to get free netflix and the like.
    Is there any other kind of Netflix :-)
     
  11. Black Oracle's Avatar

    Black Oracle said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Quote Originally Posted by Over Carl View Post
    I wouldn't consider myself a hacker so I will give my opinion and state that I would be most happy to be corrected.

    I'm thinking a job like that probably wouldn't really work if it was considered just as a regular 9-5. For someone to actually prosper at that kind of work would require genuine interest and dedication which would drive continual experimenting, whether for financial gain or simply to expand knowledge on the subject. I'm just recalling my sysadmin days and remembering my home lab that I ran just because I wanted to. Edit: sometimes these tests included stuff that would probably come under pen testing, e.g. trying to run scripts against my own servers, trying to hack my wifi pw, setting up mitm against myself, etc. which I did for curiosity and to deepen my understanding even though it had not been requested of me by my employers.

    So I'm guessing most of the people well suited to this kind of thing will probably already be experimenting and training. For people like that, maybe these courses could help to further these experiments and skills. However I doubt someone who has never gone further than changing their SSID and password on their home router will suddenly be able to become a serious hacker even if they succeeded at all these courses you have kindly linked to.
    Yes, I would agree with you their 'dedication and interest' would be two major factors. I'm what I would class as unduly or inappropriately curious about security on the internet, being like this allows me to find information that most people would probably would not be interested in, or how various stories in the national 'controlled' media are presented. With me, I like to find out why certain news is not covered, or why on the national news they state a document is 'leaked', when I know for a fact that even I have retained copies of such documents. In a way I am like yourself, but on a bigger scale and I crave to find whistle-blowers in various companies.

    I'm not sure if you ever watched 'Blackhat' the movie? It is based by a true story at the start, which to people like myself have seen previously, one incident was the "[Only registered and activated users can see links. ]" - that worm's main objective was to create a 'melt-down' - the worm itself was coded in a code no one even knew existed, at the time. It is things like this that I find interesting. Even doing any free University course on Cyber Security, not only covers the basics, but the more students that write about the course on the whole, with links and information which can be updated by the course advisors, they take on board students that really show information that would grab peoples attention. I did this on many occasions from the 'Digital Pickpocket' that can steal money off you just by walking past you, to many other attacks that were not covered by the course, 'swatting' being one of them.

    There is a few pieces of software used on that course, which in the hands of a hacker and used with a small program, could easily copy an entire database, but it most cases there is always a reason behind certain pen attacks. It is possible to DDOS one server of a website - main reason is to cause a diversion, while on another server on the same site, a copy is being taken of the database or certain data they 'pharm', which is basically copying a part of the database. And normally sold on!

    hack1ng routers to hack1ng Access Points with some good software can certainly get you a lot of information in a place like McDonalds, while actually cloning as much more information from people on their mobiles! And very simple to do, with investigative software!
     
  12. piggzy's Avatar

    piggzy said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Quote Originally Posted by Black Oracle View Post
    'swatting' being one of them.
    Some hilarious videos of these on the tinternet.
     
  13. DJ Overdose's Avatar

    DJ Overdose said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    The only info you will get from my local McDonalds is about who knocked up Michelle from the incident in the back of a car in the carpark of the Rose and Crown... Hippy crack.


    DJ OD
    [Only registered and activated users can see links. ]
    [Only registered and activated users can see links. ]
    [Only registered and activated users can see links. ]
     
  14. dainese's Avatar

    dainese said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    I knew a lad who was only 16-17 who worked at Tesco in stock control about 10 years ago; who dabbled in hacking. He was into stealing money/items in a big virtual sims type game. I imagine he would have liked to have done something like this:
     
  15. Black Oracle's Avatar

    Black Oracle said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    If you're within a 10cm radius of any hacker running a certain Android App, they can actually scan credit & debit cards - it's enough information to allow them to purchase items online and even in shops, retailers do not even know a fraudulent transaction has just been done.
    This video is old!


    Contactless cards still work like this now, because I tried it - and there is more apps to do the same job, but you have to be careful some of these apps sends the card details via email to a developer!
     
  16. doughboy's Avatar

    doughboy said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    I recall trying this(but with only basic rfid sw), and yes, out of many different cards my barclays cc was the only one unencrypted

    Sent from my SM-N910F using Tapatalk
     
  17. Black Oracle's Avatar

    Black Oracle said:

    Default Re: Have You ever looked in to becoming a paid Hacker, or even doing it as a job?

    Quote Originally Posted by piggzy View Post
    Some hilarious videos of these on the tinternet.
    'swattin' is also a dangerous attack, in one case in the US a guy was shot dead, by the occupier! Not a nice ending, in that case! Trouble is gaming companies makie it easy for anyone to get the address of anyone, it really needs re-development on that side of gaming!

    The Stuxnet worm was developed that to target industrial control systems that are used to monitor and control large scale industrial facilities like power plants, dams, waste processing systems and similar operations. It allows the attackers to take control of these systems without the operators knowing.
    If a cyber-war was to ever break-out, I would assume it would be similar to this, it's path can be wiped, even hackers can wipe all traces of them being inside systems.