
My approach to website hacking.

coolman1

RAID array
User
Registered
18.05.2021
Messages
54
Reactions
10
I just answered a post and noticed I've never really explained this. I don't care about being the best or financial gain; hacking gives the ultimate high. I copied and pasted my response to the thread.

fd

Excellent question! My methodology stems from personal experience. For instance, when I started, I found SQL injections were an easy target. All you needed were Google dorks, sqlmap, and pressing the ' key to check for errors. I was able to hack a "lot" of sites this way, specifically database dumps and login bypasses. These small wins helped with confidence and enforced persistence. I also took this approach for XSS and misconfigurations. Another thing that helped was a "lot" of note-taking and initial reconnaissance. As I improved, I started to use tools more to collect data for manual testing. This allowed me to find more bugs and come up with conclusions about their existence. Now, I rely on manual testing and custom tools because most tools don't fit the use cases and weren't made to keep me from getting caught. One important thing that always heightens my skills is reviewing my procedures and the vulnerabilities used in my other attacks; the goal is to see the bigger picture of where, what, and why they were possible. If I struggled to exploit a potential weakness, I'd write down (on paper, to later be burned) all the known attack methods I could think of and find. This was important because it allowed me to focus on the realistic ones and not rely on memorizing every attack type and method. I never liked online training tools like HackTheBox or CTFs because I never found them realistic. Also, most answers are online, and the trainings let you start with easy challenges and then go too hard. Doing training like this never stuck with me because I knew there was always an intended solution, and this did not feel realistic. I started illegally hacking, and those methods remain in my knowledge because they were real and gave me a high. For resources, I wouldn't waste my time watching YouTubers hack intentional and legal targets.
If you're going to watch YouTube videos, I would recommend watching ones about legit bug bounties that explain things you have some knowledge of or that help solve a realistic problem. I won't go into my current methodology because you should make your own based on your experiences. One thing I forgot to mention: always, always think about the worst thing you can do and how you can elevate your hacks. For instance, don't just hack a database and stop; attempt to brute-force the admin hashes or try password spraying by checking if that user is in other leaks. Vulnerabilities in custom code are harder to fix because, most of the time, they can't just be fixed by installing an update. Byyyyyy.
 
Please note that this user is banned
I'd love to find a vulnerability in some popular product and exploit it in the wild while it wasn't given a CVE-2024-* ☺️
But it's easier said than done. As usual, there was recently a news article about AI searching for vulnerabilities in open-source projects and fixing them, such as SQLi, RCE, XSS and so on, trying different approaches, payloads, etc., just like hackers do.