I don't trust my code. I really don't. I always have a feeling that something is wrong with it. Every variable looks like an enemy. Every loop, unfinished condition. Every input, possible injection. I'm kinda paranoid so to say.

There's many white hat hackers out there which could make buck or two. Let's say I made program like Steam:

Steam is an Internet-based digital distribution, digital rights management (DRM), multiplayer, and social networking platform developed by Valve Corporation. Steam provides the user with installation and automatic updating of games on multiple computers, and community features such as friends lists and groups, cloud saving, and in-game voice and chat functionality. The software provides a freely available application programming interface (API) called Steamworks, which developers can use to integrate many of Steam's functions, including networking and matchmaking, in-game achievements, micro-transactions, and support for user-created content through Steam Workshop, into their products.

Are there any actual websites, where people who really learnt for this would be able to pentest the application and it's security for "fat stacks". If I paid let's say 100.000 euro to a company, and I would say, "here installer, here's your username and password, try to make manipulations which would let you retrieve data from database, or use something you shouldn't be allowed to use" etc. ? Just, people who will try legally break into software, on legal papers for quite amount of money to test it's safety, security (stability doesn't matter to me, which fool will try to make ran software unstable and make it crash just to waste time?).

I tried Googling it, but so far only courses about pentesting have been found. Not companies that would provide such service, but companies that provide you pentesting abilities. Sure, this would help case a bit, but I'd rather concentrate on quality/security programming than full try-hard security programming. I'm not trying to say that security is wrong, but if I don't have, let's say PHP or C++ programming skill, but I can write "Hello World" safely, that isn't really what triggers a programmer, at least me.

Too long to read: Any professional white hat hackers that would break into software on legal papers for big money in virtual case?

Post Scriptum: Not that I'm having this program nor I have such money. I'm just interested in their services within maybe 10 years, but not now.

1 Year
Discussion Span
Last Post by ryantroop

They are out there.

More likely, you will find companies that make automated pen-testing tools, which they license for use on your system. Their job is to update their tools to attempt to breach your system using common (and some less commong) hacks and methods.

You, of course, are also free to write tools of your own - but that's a full time job in itself to try and keep up with the latest and greatest threats to any given platform, language, and mode of data shuttling.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.