Forum Discussion

androidc3pO's avatar
androidc3pO
Level 1.5: Cupcake
15 days ago

Tech Newbie interested in mobile cyber security, after multiple hacking events, seeking suggestions, tips, advice etc, to get involved.

Hello All,

 

I am looking for advice, tips, suggestions, or helpful info, to begin a career/ journey into the world of Mobile Cyber Security and Tech. My interest was sparked after multiple hacking events that were very damaging to my life, my digital life, my work life, my relationships, my mental, physical, and emotional health, my data, information, and intellectual property of my business, and more. Now I am being pulled to learn how to protect myself first, and second so that I may be able to help others. I guess Ethical Hacking is the term. Any info helps. 

 

Thank you,

Androidc3po

App Management
Devices
Everything Else
Guide
Management
security
Tips
Work Profile
Zero-touch

2 Replies

  • Alex_Muc's avatar
    Alex_Muc
    Level 3.0: Honeycomb
    15 days ago

    Hey,

     

    we sometimes notice problems that could theoretically be exploited with some effort. However, we simply open tickets with the developers so that they can fix it.

     

    For ethical hacking, you should have a broad knowledge of networks, scripting, and operating systems.
    To encounter issues or vulnerabilities, one should think outside the box and approach topics in an unconventional manner.
    When I looked at CVE-2025-22442, I thought to myself, “Of course it's possible!” I just hadn't previously considered that the mechanism could be exploited. https://bayton.org/blog/2025/04/cve-2025-22442/

     

    Scripting in particular is a very important tool. On the one hand, you may not be fast enough with commands yourself. On the other hand, you want to test various commands automatically. I have heard that forced application crashes can be an indication of security vulnerabilities. But first you have to find out how/whether you can exploit this for your own purposes. Presumably, one can learn a lot from old security vulnerabilities by studying how each vulnerability worked and how it could be exploited. When testing IT systems for vulnerabilities, you should first find out whether or not this violates any laws.

     

    If you encounter vulnerabilities in the future and report them, don't exaggerate. And certainly don't try to make it as media-effective as possible. They become media-effective all by themselves when the vulnerability is really significant. Very often, reports from white hats are very welcome and are usually taken seriously by companies. If you don't communicate on an eye-to-eye level, it can damage your reputation.

  • Michel's avatar
    Michel
    Level 4.0: Ice Cream Sandwich
    14 days ago

    hey there!

     

    Its been a while since i've been active in that field, but as mentioned by Alex_Muc​ , scripting is really important. Exploiting is manipulating something in a way that it was not designed for (in most cases). There is probably no tooling available for that, so you need to be able to design your own. Especially when looking for zero days. 

     

    There are some good courses on uudemy as a starting point, but thats really a starting point. It takes a lot of trial and error and learning. 

     

    To add to what alex said, knowledge of databases could be very helpfull as well. So much software uses some sort of database which are open to be abused :)

     

    Good luck and keep us posted!