Connect with us

Cyber Security

Bug Bounty : Don’t Just Learn Hacking, Win Prizes Too

If you want to become an ethical hacker and earn too then try bug bounties program that offers handsome amount.

Published

on

Bug Bounty

Overview

The world is full of bad and goog hackers, the question is what you choose to become.

If You decide to become an ethical hacker and want to start your carrier as a solo.

I have listed below some bug bounty platforms where you can find those programs

offering a big amount of bounties.

Hacker1

This platform is one of the best where you can find a large number

 of bounty programs.

If you are a pro hacker, you can make a lot of money easily even so If you are new you can learn a lot from the vulnerabilities being discovered a being published on hacker1 so others can learn.

The members of hacker1 gets invited for private programs if you earn enough points by capturing the flags in their CTF Challenges.

They have a section called HACTIVITY where a lots of vulnerabilities are being disclosed so a have look around.

Bugcrowd

Bugcrowd is good platform for someone who wants to get money and fame both at once form bug bounties Bigcrowd shows points you earn from bug bounties in the leader-board.

You can sin up as Researcher so you can hack legally and get paid or you can sin up as customer and ask others to test your website and pay them for their good work.

Bugcrowd offers various solutions to that can integrate your current system and easily make a successful program for bug bounties.

Intigriti

On Intigriti you can work for anyone you want or you can be assigned to 1 private program.

Getting invited for 1 specific private program increases the chances that you can be hired by them for future projects.

Bounties on Intigriti varies as the company it can go up to €20,000.

Intigriti also ranks their researchers(hackers) on the basis of reputation points they get by finding and reporting vulnerabilities so go try your

luck.

Synack

Synack is not just to discover bugs but it will also provide you the ultimate guidance and training about security.

synack red team has a reputation that they are the best researchers around with world working together.

Together they secure you before the bad guys can do the harm. You can apply as an security researcher in the synack red team.

YesWeHack

Like other Platforms YesWeHack offer bounties and rank the Researchers according to their reputation point on their Leader board.

It has a hacktivity Section where latest vulnerabilities are being disclosed for public knowledge so other and specially new researchers can learn from them.

Hack The Box

Hack the box is platform where you can practice and expand your skills.

It provides you pen-testing labs for that. Plus point it enlists a number of jobs that might take your interest.

It is a platform worth taking your time if you want to get jobs in cyber security.

Conclusion

These are some best platforms giving offers all you need to take a step ahead .A lot of people are earning making a carrier out of it.

You want to be one of them? Then what are you waiting for Start the quest towards your dream today.

Best of Luck!

Continue Reading
Advertisement
Click to comment

Cyber Security

Learn How To Hack

how to learn hacking?
Here are some websites to guide you how to get some skills you need.

Published

on

Overview

Here are some websites where you can learn hacking and test your skills legally
To best of my Knowledge these are some useful platforms if you are wondering how to become a hacker and where to test you knowledge and skills you gained.

Hacker101

Talk about a good place where they provide you free videos to learn hacking skills, they have CTF(capture the flag) challenges where you can test your skills.

They also provide free video lectures to boost your knowledge about various types of vulnerabilities,
there is a resources section and even a discord.

If you got stuck in any challenge you can ask from community for help ,they’ll be
happy to help you out.

Hack The Box

Amazing pen-testing labs where you can find old and new machines
to test your hacking skills on.

They have challenges like Reversing,Crypto , web, mobile and lot more other stuff you’ll find worth giving your time.

The interesting thing about hack the box is you won’t find a sign Up button on their website
you have to hack the website get sign Up invitation, Good Luck!

bWAPP

This is a buggy application,its free and open source. You want a place with a lot of vulnerabilities to test your skills on, bWPP is more like one.


It has like more than 100 vulnerabilities like DDos,Heartbleed,
ClickJacking you can attack and test yourself that how good you know
about vulnerabilities.

It can be hosted on Linux or Windows or you can install the bee-box that is a custom Linux-based virtual-machine that comes with bWAPP installed with it.

Hack This Site

If you are looking for websites that openly invites people to hack
them, Hack This Site is one of them.

Hack This Site is a legal platform to train hackers and test how much skills they got.
So feel free to give it a try.

They also have some challenging missions to help you get some skills in hand. If you want to help them in a way of appreciation you can also donate them.

Google Gruyere

This website with a cheesy look is providing you a lot of and vulnerabilities that you might enjoy exploiting.

As like any other platform it has some challenges for hackers to play with and find information about how you can exploit different types of vulnerabilities.

The best part it highlights the weakness you need to exploit and in any case you got stuck in any of challenges,every challenge comes with some hints to help you out.

Continue Reading

Cyber Security

Proven hacking techniques that hackers can use to exploit your system

Hacking Techniques that hackers can use to exploit your system, steal your information. Here is the complete detail with cautions.

Awais Ahmad

Published

on

When it comes to hacking, we have different techniques to exploit any system. Most of the times simple social engineering techniques work for you and hackers get your information without much effort.

Let’s talk about different techniques that hackers may use against you and steal your credit card information, passwords, or any useful information.

1- Social Engineering

It doesn’t really need code or any virus to exploit you. In social engineering, you use simple techniques to gather personal information and can use this information for personal use.

For example, someone may call you and represents himself as an agent by the bank. He may ask you for credit card info, and you will easily give it to him because he is pretending to be an agent. But don’t trust him. Once he gets the information, you may get your money lost.

This is not limited to bank call frauds but the one can find some other ways to trick the target,

Jessica Clark; a social engineer explains how easy it’s to get the info from your phone provider

2- Email Hacking

Do you see any spam emails in your email list? If yes, don’t ever open it until you are sure about it. Someone may send you a cold email and get your information.

Remember what you see is not actually what you see. Sometimes a hacker used to send emails pretending to be your close friend.

Let’s suppose if I send you a link to a game and ask you to install it on your mobile. Once you open it, play it, you will enjoy it. But on the other hand, I will exploit you because my target was achieved.

3- Trojans and Backdoors

These are great kinds of viruses as they hide their actual identity and pretend to be reliable files. Someone may attach these viruses with the files like pdf, jpeg or any else. And you won’t even see what’s going around you.

Once they do their work, they can harm your system.

One real-time example that I see was a ransomware attack. It got access to my PC and encrypted all the files. Unfortunately, the admin access to my laptop was also compromised and I was unable to install any anti-malware to remove it.

It worked silently and I was amused that how is that possible but the truth you can never deny.

4. Brute Force Attacks to Steal Passwords

Your password is easy to hack even though when you have used a password strength tool and are sure about its security. We can never say that anything is fully secured.

When it comes to hacking passwords, we can use different tools and tricks to steal your password.  Most of the time we use the passwords that are related to our life events, your best friend’s name, your date of birth and so on.  And these kinds of passwords are easy to break.

Another way that hackers use to know your password is Brute Force or Dictionary Attack.

There are words list available on the internet. They just use these words list in their brute force algorithm until your password is found and finally, they will have access to your account.

5. Website Attacks

The super cool attacks. Not every developer is concerned about security. He is rather concerned about development. There can be errors from security perspectives.

Attackers can use SQL Injection to harm your website/server. WordPress sites are found to be an easy hack for hackers due to the open-source structure of the WordPress CMS.

You can either use your power to exploit someone or save someone. It totally depends upon you how you use your powers. Can you imagine the top hacker of all time Kevin Mitnick is now a top security consultant and best seller author? So, if you are preparing to be a hacker, become the good one (Ethical Hacker).

Continue Reading

Cyber Security

Top Pakistani Hacker Rafey Bloach

Rafey is an ethical hacker and a security researcher. He has been listed under the category of top 5 ethical hackers.

Awais Ahmad

Published

on

Rafey Bloach

Rafey Bloach is a top Pakistani Ethical Hacker and Security Researcher best known for finding vulnerabilities in the Android Operating System.

He has been featured in many National and International magazines, forums, and newspapers. He’s also been featured for bug bounty hunter programs in Google Hall of Fame, Facebook and, Paypal.

Early Career Life

Rafey in his interview says he was not a brilliant student getting high grades. Rather he was just a normal student. He says he like challenges and all that he has got is the result of his firm attitude.

He started blogging in his college life to support himself. Later when he gets admission to the Bahria University, he had the same grade issues. But he was clear about his goals and chose to work on his skills.

He implemented what he learned and finally, he is now in the top Ethical hacker’s list of the world record.

Most of the time hackers used to exploit the systems and harm others but Rafey chose a positive way and presented himself as a peace towards the cyber world.

Achievements

Rafey found the vulnerability on Paypal’s systems and used to get access to Paypal’s system. He was rewarded with $10,000 for finding the vulnerability. He’s also been in Google Hall of fame and also featured on top websites including Yahoo News, Forbes, SC Magazines.

Publications

Rafey is not only an ethical hacker but an author too. He has his own publications including:

  1. Poking A Hole In Whitelist For Bypassing Firewall 
  2. Bypassing Browser Security Policies For Fun And Profit
  3. Modern Day HTML5 Attack And Defence Vectors
  4. Ethical Hacking And Penetration Testing Guide
  5. Bypassing Modern WAF’s XSS Filters – Cheat Sheet
  6. Breaking The Great Wall of Web

Continue Reading

Trending

Copyright © 2020 Prolonged Worker | All Rights Reserved