How are hackers able to find such complicated exploits?

44 Answers

Anonymous 0 Comments

Vulnerabilities can be broken down into several categories, most of which come from certain security measures being outdated.

* The password protection (hashing) is outdated and easy to crack
* The website doesn’t support encryption (HTTPS)
* The website is vulnerable to code injection – tricking the computer into executing code when it’s supposed to be storing data (like if your username contains a piece of code.)

Hackers test for common problems and when they find one, they use it to expose more issues. You work on a website bit by bit, exploit what you can, and run into a lot of dead ends. This is an example of how you might break into a database and then how you would crack the passwords in it:

[https://www.youtube.com/watch?v=ciNHn38EyRc](https://www.youtube.com/watch?v=ciNHn38EyRc)
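The code-injection bullet above (a username that contains a piece of code), shown as a query built by string concatenation beside its parameterized fix. This is an added example, not part of the original answer; the table, function names and sample input are constructed for illustration.

```python
import sqlite3

# Constructed sample input: a "username" that carries SQL syntax.
CRAFTED_NAME = "nobody' OR '1'='1"


def make_db():
    """Build an in-memory user table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, is_admin INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", 1), ("bob", 0)])
    return db


def lookup_vulnerable(db, username):
    # Weak: the username is pasted into the SQL text, so quote characters
    # inside it are parsed as part of the command instead of as data.
    query = ("SELECT name FROM users WHERE name = '" + username +
             "' ORDER BY name")
    return [row[0] for row in db.execute(query)]


def lookup_safe(db, username):
    # Fixed: the SQL text is constant and the value is bound separately,
    # so the database never parses the username as SQL.
    query = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return [row[0] for row in db.execute(query, (username,))]


def register_safe(db, username):
    # With binding, even a name full of SQL syntax is just stored as text.
    db.execute("INSERT INTO users VALUES (?, 0)", (username,))


def demo():
    db = make_db()
    results = {
        "vulnerable_normal": lookup_vulnerable(db, "bob"),
        "vulnerable_crafted": lookup_vulnerable(db, CRAFTED_NAME),
        "safe_crafted": lookup_safe(db, CRAFTED_NAME),
    }
    register_safe(db, CRAFTED_NAME)
    results["safe_after_register"] = lookup_safe(db, CRAFTED_NAME)
    return results


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

The concatenated lookup returns every row for the crafted name, while the bound lookup returns nothing until that exact string has been stored as a user.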

Anonymous 0 Comments

Systems are like a house. They all look different but they have things in common.

For instance if I wanted to mess with someone’s plumbing, I don’t know where exactly it is, but I know what it looks like, where it is in other houses, and most importantly what it needs to function (ie a toilet or drain). At that point it’s a mix of trial and error/“I wonder if…” until I find it.

Anonymous 0 Comments

Hello, entry level cyber security person here. Most of the exploits that are found are a result of people throwing everything they can think of at the wall and seeing what sticks.

Many of these exploits are recorded and kept in public databases and websites. A vulnerability is found, patched by the publisher, reported in the patch notes, and recorded by these sites. Then a lazy (or cheap) system admin somewhere neglects to patch his systems and a hacker might stumble across it. It’s actually very easy to scan ports on public web services and see what’s open. It’s kinda like checking a building for what doors are locked.

If you know anything about setting up virtual machines, it’s relatively simple to set up a pre-configured OS like Metasploitable that has a ton of known vulnerabilities to practice hacking on. The purpose of this is an educational tool to help people learn how to protect their data, and maybe make a career in cyber security.

The best thing you can ever do to keep your system safe is keep it updated. Microsoft, Apple, and Google spend billions a year to keep their products as secure as possible.

Edit: Extra note just because I get asked this a lot: Anti-virus software does not work like people think it does. In general I recommend removing it. It is another attack vector to be infected or exploited and anti-virus loves to take system level privileges and break built in defenses for otherwise secure services.

Edit 2: 99% of all hacks are through social engineering. Phishing emails, infected USB drives, fake web links, or even just literally calling a company and making up a story to get access to their systems… these are your bread and butter as a hacker.

Anonymous 0 Comments

Most exploits are based on social engineering, not some clever hack, although weak passwords make it easier.

Anonymous 0 Comments

The best way to look at the exploit process is to look at examples.

A couple of great books to read (I did the audio books) for how the end-to-end exploit process works in some real-world examples are Sandstorm (first state-sponsored (allegedly Russia) cyber attack on civilian infrastructure (Ukrainian power plants)) and Countdown to Zero Day (Stuxnet – attack of Iranian centrifuges and first state-sponsored attack crossing boundaries from the cyber world to the physical world). Another great audio book on a 50k foot view on the history of espionage that puts a lot of global events into context is Cyberspies by Gordon Corera.

Anonymous 0 Comments

How bout those dumb games on Facebook, name your favorite place? Are you old enough to remember this? Etc. They are all bots farming your data and AI putting together a profile on you.

Anonymous 0 Comments

I’m not a hacker by any means. I’m not a programmer. But I can find exploits easy. I’m not going to give out my secrets on finding anything. But I don’t find computer exploits. I find business/human exploits.

But look for the obvious things first. Then check the even more obvious. Then check what has changed from last version to the version they are running. Then study other factors. Study hard. You’ll find a way in.

Anonymous 0 Comments

Because they spend years learning how to code, and how to code correctly. There is no way to keep data 100 percent secure, no password, no matter how long and complicated, that can’t be brute forced with enough computing power. Basically, if you know how to code, how that code is read, and how it makes the processor process it and execute what the code says, you can do anything within reason. Because a computer is going to do what it is told, if it is told the right way, every time.

Anonymous 0 Comments

I’ve worked in IT for almost a decade.

I started learning about computers by breaking them, taking them apart and eventually hacking them. A computer is a complicated device. Someone figured out how to take a bunch of electrons and convert that into binary which converts into code which runs programs to do complicated things.

By tinkering around with the software and hardware, I learned how to make the computer do or say something via a pop-up to another computer. Eventually I learned about how a computer was connected to other computers and how I can access those through my computer. Eventually you want to find what someone is hiding on a computer even though they don’t want you to see it because it’s password encrypted.

That’s all that hacking is. Rebellious curiosity.

The kinds of exploit you are talking about are only complicated because you don’t know or understand how computers work but once you get a general idea, you start to see the faults and learn to focus on those.

Anonymous 0 Comments

1. They’re smart. They understand the possible weak points of the system.
2. They stumbled upon it.
3. A developer told them of a possible exploit.