I have wanted to try ethical hacking for years

Probably about 3 years ago I read through web hacking 101 and read a few pages of 2 of owasp’s books about web hacking and mobile hacking. 

I even got burpsuite and zap running on slacko 5.7. Though it was not the newest version of burpsuite. At the time it was the newest version of zap.

I set both burp and zap to run with palemoon because at the time palemoon was the newest browser I could use on my computers.

I watched some hackerone and bugcrowd tutorials. But, I never dug deeper into learning about bugs.

I suppose ethical hacking is like a lot of things I want to learn. I only go through tutorials. I have never done any hacking or tried to improve my skills. I have done a CTF or 2 at hackerone. I even tried hackthiswebsite.

I also read 2 or 3 books about ethical hacking. Well they were about hackers.

But, I still have not tried to find a bug. And I think trying to find a bug would be so fun. I mean in my wildest dreams I don’t think I could ever find a bug and submit it as a report and get paid for it.

So I hope I learn more about ethical hacking and one day get paid to find a bug. I will see what happens.

I got caido working right

I was on my dell xps laptop and using fossapup 9.5. One problem I did have is that I could not download the ca.crt file because I had uninstalled palemoon. So I restarted my computer and booted up fossapup9.5 again.

Since I was not using a save file everything that came with puppy was installed. So when I tried to download the ca.crt file for the certificate it worked. Palemoon popped up to allow me to save the file to the downloads folder.

Then I imported the certificate into firefox and set up the proxy in firefox. And I went to different websites and the http history showed the requests and responses. I thought it was so cool looking at the requests and responses.

I thought I would never get caido set up right. I am glad I was wrong.

I have no idea how I got zap or burp suite set up in slacko5.7. I suppose I figured it out somehow.

So now all I need to do is learn about ethical hacking. Since I want to learn about it. And I am sure there are a lot of other tools I will want to learn how to use.

At least I got caido set up right.

I tried caido

Yesterday I tried caido which I had learned about from insiderphd on youtube a while ago. I had never tried to run caido before but, since it's the new year and I want to start ethical hacking I figure it is time to start learning.

So the reason I wanted to learn how to run appimage files is because one download of caido for linux is an appimage.

So I downloaded caido and made the appimage executable. Then I clicked on the file and caido started up.

Then I took a look at caido’s documentation. I learned that I had to download and import a security certificate to firefox.

I am sure I had to set up a security certificate for palemoon when I used burpsuite and zap but, I had forgotten about security certificates and having to set up the proxy for browsers to use the proxy programs.

So I downloaded the certificate and set up the proxy for firefox but, when I tried to go to websites instead of the website popping up I would get a security warning. I was disappointed.

Though I was excited that I finally got to use caido. All I have to do now is see if I can set up the security certificate right. I have no idea if I will be able to.

So I will see what happens.

I wish I were farther

along with ethical hacking. As of yet I have not found my first bug. And I have not even searched for any bug. I have tried capture the flag on hackerone. That is about it. I do know more about ethical hacking now than when I signed up for hackerone and bugcrowd. So that is a plus.

I am thinking that if I learn about business logic errors maybe I could find some of those bugs first. If I remember right insiderphd says those are the easiest to start with.

I am not that interested in computers anymore. The idea of finding security flaws in a web application does excite me so I figure I will continue learning about ethical hacking.

I want to focus on learning

at least one vulnerability. If I can focus a lot on one vulnerability then maybe I will get good enough that I will be able to find bugs of that type. Right now I know the names of some types of bugs but, I don’t know how to find them.

I watched about 10 minutes of an insiderphd video about business logic bugs. Those are bugs that have to do with the logic of an application. I will have to go back and try to learn what a business logic bug is.

I can do this. I can do ethical hacking. I hope.

I was thinking about

ethical hacking the other day. And I thought I am nowhere near to being able to find a bug. And I want to find a bug. Otherwise why bother with wanting to learn to ethically hack.

I know I want to be able to hack websites and mobile applications. It's weird I want to hack but, I don’t like the internet that much. But, computer security interests me. So I want to learn how to find security bugs.

But, I have been trying to learn ethical hacking for about a year and a half with not much to show for it.

I know about zap and burp suite. I did not know about them a year and a half ago let alone have them on my computer.

So this year I hope to find some bugs. It does not seem like it will ever happen. But, I can’t predict the future. I wish I could but, I can’t.

I want to get better

At capture the flag. I have found 2 flags. 2 flags are better than none but, I want to be better. I don’t know if playing capture the flag will make me a better ethical hacker. All I know is that I want to get better at capture the flag.

I am reading

owasp’s web security testing guide version 4.1 and owasp’s mobile security testing guide. And it seems that testing mobile apps is a lot more involved than testing websites.

I already knew a little about web security testing from reading web hacking 101 and owasp’s web security testing guide version 4.0. But, I had no clue how to test mobile apps when I started reading the mobile security testing guide.

It's fun reading about ethical hacking. I have not found a bug yet or even searched for a bug but, at least now I believe that if I ever do look for bugs that maybe I could find one.

I am reading

Version 4.1 of owasp’s web testing guide. I have read 75 pages of Version 4. So this time as I read through the book I want to find a website from a bug bounty program and try the ethical hacking techniques as I read along in the book.

I won’t remember what I read if I don’t practice what I am reading. I think.

Ethical hacking Books

I watched a video by cristi vlad about two bug bounty books. I had heard of owasp’s web testing guide. I was unaware of owasp’s mobile testing guide. So I downloaded both books. I had to keep going over the part of the video where cristi gets the latest version of the mobile testing guide until I figured out what he was doing to get the most up to date version of that book.

I have been reading owasp’s web testing guide version 4 and was unaware that they came out with an updated version 4.1. I thought oh, no I have not even finished version 4.0. I figure I can read both versions.

I am excited to learn about android and ios hacking. I know nothing about how to hack them. So it will be fun to learn.

I hope to read both the web hacking book and the mobile hacking book. That is about 1100 pages. So that should be a piece of cake. Right. I will give it a try.
