Question Detail

Recommendations to learn malware-dev and practical targets I've been working through everything from Udemy programming courses, and HackTheBox role paths (primarily Pentester) and I began to wonder, "How did people learn to develop malware before all of these platforms?" Personally I'm trying to work my way to official gray hat status, and through hella online research, books, and paid platforms I've learned a bit with OOP with python and C++. Are there particular up to date books that some would recommend or would it be better in 2025 to just save and then drop the 500 on malware dev academy? Additionally I know that hackers should practice good OSINT and tread looking for exploits on live machines with caution, but I wonder do you more experienced guys just go out and try SQL queries on anything with a search box? How do you go about finding exploits on these systems, as either way legal or illegal I'm trying to make it in the end.