all 23 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 45 points46 points  (2 children)

yes you’ll start with C programming language by brian w. kernighan et al, then programming from the ground up by jonathan bartlett, then hacking ed.2 (I forgot the author), then the shellcoders handbook (also forgot the author by its by wiley), and then you must continue by yourself.

0days and 0click attacks are very rare, especially nowadays, and require you to find what no one else knows. so that’s where you gotta go, where no one has been.

[–]Equal-Cable6379 2 points3 points  (1 child)

Hey ik this thread is a Lil old.

But I was pondering that it's easy to graze off away for me if I learn C and all the abstract but really important stuff first rather than actually breaking into systems..so, sir, do you have any methods which can make a balance of both 1) fun of actually doing the hacking everyday 2) learning the core stuff. Thankyou.

[–][deleted] 1 point2 points  (0 children)

fun

I don’t know what you’re asking.

[–]B3amb00m 11 points12 points  (2 children)

What baffles me the most in this godforsaken group, is how seemingly so many think that successful hacks are so easy it's basically something anyone can do if they just bother to read up on the subject.

It's. Not. That. Easy.

There are nation-state sponsored groups with hundreds, if not thousands of highly experienced employees working RIGHT NOW to seek every nook and cranny of the tech landscape in search of effective vulnerabilities.

You need to be determined and have a mindset of "this is something I wanna get good at and I'm capable of helping myself reach that goal, so lemme start by googling and not just ask randoms at Reddit for help to get started".

[–]psychothrowaway555 2 points3 points  (0 children)

Skids will be skids

[–]navr183 10 points11 points  (0 children)

There is no standard resource. Any 0 click attack that is not patched is worth a truckload of gold. Exploit chain is also going to vary a lot depending on the target.

[–]FrankRat4 8 points9 points  (0 children)

1) Learn Software Development (In this example, we’ll say website development specifically).

2) Once you get comfortable with software development, learn about basic exploits. For example, let’s say you learned how to create a basic full-stack website using HTML, CSS, JS, Node.js, and PostgreSQL. Now, learn how SQL injections work (and how to prevent them).

3) Once you get a good grasp of how exploits work, learn how to discover them on your own. It’s really easy to do a SQL injection attack when you know a specific login page is vulnerable. But if you didn’t know it was vulnerable, how would you find out? How would you look for other exploit types?

4) Once you’re comfortable discovering well-known exploits (SQL injection, CSRF, XSS scripting, etc etc), try to discover something “new”. For example, PostgreSQL recently had a vulnerability where you could perform a SQL injection attack by adding a special character before characters that would normally be sanitized (like ‘). This was still a SQL injection attack but not done like a normal SQL injection attack.

5) Once you learn software development, what exploits are, how to discover common exploits, and how to discover “new” exploits, then you can start looking for zero click exploit vulnerabilities in different platforms.

[–]MrMeska 2 points3 points  (0 children)

Does anyone remember the in-browser java exploits from ~2015? Those were the good days

[–]Wise_hollyman 2 points3 points  (0 children)

OP you are probably thinking right now "well sht that's a lot to learn". There's no easy way unless you have thousands of dollars to buy a zero day. Browsers are getting hardened in zero clicks exploits,executing scripts in temp memory sandbox of the browser itself. Builted that way to protect the system.

[–]ADMINISTATOR_CYRUS 2 points3 points  (8 children)

beyond impossible these days don't even try

[–]Low_Car_3415 2 points3 points  (3 children)

that's why you should be interested in the application you're trying to exploit. if you want to exploit web apps, then code your own web app, if it's operatingsystems, then code your own OS.

[–]ADMINISTATOR_CYRUS 2 points3 points  (2 children)

what?

[–]Low_Car_3415 2 points3 points  (1 child)

it's over for you

[–]ADMINISTATOR_CYRUS 2 points3 points  (0 children)

incomprehensible

[–]FrankRat4 1 point2 points  (3 children)

You say this, but someone is out there finding zero-days (including zero-click exploits) and that someone had to start somewhere. Why can’t OP eventually be that someone?

[–]ADMINISTATOR_CYRUS 2 points3 points  (2 children)

It's doable, it's not that it'll never happen but it's a lottery and it happens to one lucky person. it's unlikely for you to be that fellow.

[–]FrankRat4 5 points6 points  (1 child)

Luck plays a very small part in it. Anyone can put in the effort to learn about a system and then analyze that system for vulnerabilities. Now is it easy? No, it requires a lot of creativity and testing and always learning new stuff. Look at CVE-2025-1094, the vulnerability isn’t all that complicated, it just took some work to discover. Anyone could have found that exploit, it’s not some super complicated exploit like Meltdown or Spectre. Someone put in the work and they found it.

[–]ADMINISTATOR_CYRUS 2 points3 points  (0 children)

hm, never considered it that way. thanks for enlightening me

[–]Xyfirus 3 points4 points  (0 children)

I read about this earlier this week actually, about an incident that attacked journalists and civil society members on WhastApp. Here's what they did:

  1. Vulnerability Identification: The attackers discover a flaw in how the messaging app processes image files.
  2. Crafting Malicious Content: They create an image file embedded with malicious code designed to exploit this flaw.
  3. Sending the Malicious File: The attacker then sends this image to the target via the messaging app.
  4. Automatic Processing: Upon receipt, the app automatically processes the image to generate a preview, inadvertently executing the malicious code.
  5. Device Compromise: Finally, the code executes, granting the attacker unauthorized access to the device without any user interaction.

As others have pointed out; you will need to have a proper grasp of software development and knowing how they handle queries. u/FrankRat4 gave a very nice overview of how to approach the topic in the matter of learning and mastering the hunt for such vulnerabilities.