Hey! Couple Quick Noob questions.i'd Like to Know That in Order to Find Bugs or Vulnerablities in Sites Like Facebook,Google Do I Need to Get Permission First or I Can Just Start Finding Vulnerablities and Report Them When I Found Them? And Do I Need to Stay Anonymous While Finding Vulnerablities Because I Am Going to Report Them if found.do I Need to Hide My Identity?..Thanks
Forum Thread: Ethical hacking
- Hot
- Active
-
Forum Thread: when i am working with msfconsole. An error comes 2 Replies
1 yr ago -
Forum Thread: Hiya, New to NullByte Forum, Been Watching Youtube Vlogs, Installed VirtualBox, Tried Kali, Installed Parrot Security 1 Replies
1 yr ago -
Forum Thread: How to Tell a Company the Website Might Have a Security Mistake??? 1 Replies
1 yr ago -
Forum Thread: How to Hack for Away Android Using Mobile Sim Internet .Through Kali Linux Using Meterepreter and Msfconsole. 1 Replies
1 yr ago -
Forum Thread: Magnifier a Python Script for Information Gathering 0 Replies
4 yrs ago -
Forum Thread: Need Help for Website Hacking 0 Replies
6 yrs ago -
Forum Thread: How to Exploit Any Windows OS with Word Doc File (Not-Macro) 1 Replies
7 yrs ago -
Forum Thread: i need assistance 1 Replies
7 yrs ago -
Forum Thread: How to Make Your Files and Website Accessible to Public Without Uploading It to Any Servers? 0 Replies
7 yrs ago -
Forum Thread: Punycode Phishing Attacks 0 Replies
7 yrs ago -
Forum Thread: Computer Hacking 1 Replies
7 yrs ago -
Forum Thread: Problem with Kali liveUSB (TPlink722n Won't Put on Monitoring Mode. 0 Replies
7 yrs ago -
Forum Thread: Problem with My Virus 0 Replies
8 yrs ago -
Forum Thread: Soon 0 Replies
10 yrs ago
3 Responses
If user A is accessing Facebook using mobile site: Here, he needs to make a post.
The user A will go to the profile of user B. For example, User A will go to m.facebook.com/b
Then user A will post the URL of user C (For example, "facebook.com/c") to the B's profile as a post via mobile site.
Here, the magic happens. The post will get automatically disappear, as neither the user A nor B will be able to see the post containing a link of a profile that has been blocked by B. But if B doesn't block C then the post will appear on the user B's Timeline.
It is generally considered ethical to obtain permission before attempting to find vulnerabilities in a website or application. This is known as "ethical hacking" or "white hat hacking." Many companies, including Facebook and Google, have a "bug bounty" program where they offer rewards to security researchers who responsibly disclose vulnerabilities they find.
As for anonymity, it is not strictly necessary to hide your identity when reporting vulnerabilities, but some security researchers prefer to do so in order to avoid any potential legal or professional repercussions. Ultimately, it's up to the individual researcher to decide whether or not to remain anonymous.
Great questions! When it comes to finding vulnerabilities or bugs in websites, it is always recommended that you obtain permission from the website owners first. Attempting to find vulnerabilities without permission could be considered illegal and could lead to criminal charges.
Many companies, including Facebook and Google, have their own Bug Bounty programs that encourage researchers to identify and report vulnerabilities in their systems. These programs offer rewards for finding and reporting bugs, but they also come with clear guidelines and rules for ethical hacking.
To participate in these programs, you will need to register and agree to the program rules, which typically include requirements to avoid disrupting the normal functioning of the system, not disclosing any information about the vulnerability until it has been resolved, and reporting the vulnerability in a responsible and ethical manner.
As for staying anonymous while finding vulnerabilities, it is always a good idea to take steps to protect your identity and privacy when participating in Bug Bounty programs or any other security research. This can include using a pseudonym or alias, creating separate email accounts and using a VPN to protect your online identity. However, you should also be prepared to identify yourself to the company or organization once you have found a vulnerability that you wish to report.
Share Your Thoughts