this post was submitted on 16 Dec 2024
700 points (98.1% liked)

Greentext

4591 readers
879 users here now

This is a place to share greentexts and witness the confounding life of Anon. If you're new to the Greentext community, think of it as a sort of zoo with Anon as the main attraction.

Be warned:

If you find yourself getting angry (or god forbid, agreeing) with something Anon has said, you might be doing it wrong.

founded 1 year ago
MODERATORS
[email protected]
700
Anon is a white hat hacker (sh.itjust.works)
submitted 2 days ago by [email protected] to c/[email protected]
45 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 72 points 2 days ago (2 children)

And the company doesn't ask for references, or proof of what was done?

[–] [email protected] 66 points 2 days ago (1 children)

“Trade secrets”

[–] [email protected] 34 points 2 days ago

"How do I know you won't use my techniques to become bad hackerman to hack your competitors? Sorry, I'm a professional"

[–] [email protected] 31 points 2 days ago (2 children)

or like a detailed report. I bet you could make a standard report and just change a few things and maybe pull the scam sometimes. The hardest part I think would be getting someone to accept from a cold call. Would need to be pretty stupid to do that to begin with.

[–] [email protected] 31 points 2 days ago* (last edited 2 days ago) (2 children)

The reports list your hardware on them generally. They need access into your network.

The truth is that instead of faking it, you just do an actual pentest. It is generally a mix of FOSS tools like kali, metasploit, nmap, etc and pay tools like nessus. These can all be automated.

Charge the money, mail them a pre setup laptop, then hit the "go" button and still sit on your ass for a week.

[–] [email protected] 17 points 2 days ago (1 children)

I was thinking this. Get a nice format with letter head or whatever for dumping from the tools but now its almost like an honest living. ewwww.

[–] [email protected] 9 points 2 days ago (1 children)

They need access into your network.

"Sir we found an issue in your security practises. You let some rando into your network. That's a terrible idea. My invoice is in the mail."

[–] cactusupyourbutt 5 points 1 day ago

I was asked to review a project of another company, and needed access to their documentation for that. they gave me access to their whole wiki instead of just a part of it. definitely included that in the report

[–] [email protected] 6 points 2 days ago

Yeah well you don’t want to try to scam smart people anyways.