FAQs | What we've been asked
If you want to know about us or about questions related to hacking/security, please ask via yehg contact form.
Ques: What does 'YGN' in "YGN Ethical .." stands for? Acronym of your group men's names?
=> It stands for the city we live in. YanGoN.
Ques: How do you think guys here who are learning hacking?
=> Most of them learn hacking to do illegal hacking, which will never do them good. They think hackers are those who deface/destroy web sites or systems on the Net. They are criminals. Cyberlaws in all countries take serious actions against cybercrimes. Every malicious activity can lead you to jail and charge you thousands of $ depending on how much damage you have caused. Don't follow ways to criminal. Look at cybercrime.gov
Ques: How do you want to suggest for learning hacking?
=> A short and quick advice is - Learn all security/hacking basics and perspectives. Then choose one specialized area. There are dozens of specialized fields in security/hacking. So, if you're now a DBA or interested in Databases, then learn all databases - MS SQL, Oracle, Db2, MySQL and learn database hacking techniques and tools. You can be confident yourself you're smarter and more knowledgable than an average penetration tester.
Ques: What is the main difference between web developer and web application security guy?
=> Most web developers are not aware of and attentive to every security flaw that may exist in their applications. They adopt secure practice only if certain flaw such as SQL injection is notoriously prevalent. Even if they take secure approach, their approach can be broken because they don't know detailed knowledge in such flaws. Web App Sec guys must know every web application related vulnerabilities and countermeasures whether they are small or big. In security-critial applications like online-banking, so-called small flaws can pave the door way for attackers.
Ques: Can you tell me variants about Blackhat, Whitehat and Grayhat?
=> Quoted from Grayhat Hacking: The Ethical Hacker's Handbook (ISBN: 0-07-159553-8)“If an individual uncovers a vulnerability and illegally exploits it and/or tells others how to carry out this activity, he is considered a black hat. If an individual uncovers a vulnerability and exploits it with authorization, he is considered a white hat. If a different person uncovers a vulnerability, does not illegally exploit it or tell others how to do it, but works with the vendor - this person gets the label of gray hat.”