Hello internet, I'm an XX year-old trying to get started with pentesting. A few years ago I discovered HAK5 and Hackthisite.uk and loved it. I met with friends who taught me how to use Cain & Able. After "cough" acquiring a facebook user and pass, posting a note(O HAI), I almost got my laptop smashed by both the random user and my dad. So I stopped for a while to let things cool down. In that time I was unable to practice with websites or live networks. That was 2 years ago.
A few weeks ago while at the library I stumbled upon and exploited a few bugs in their system. I could login in without a username or pass, edit user credentials, and view my counties network in its entirety, and I had R/W privileges on some very important files on said network. I told the library manager about these bugs. Before going home She asked me for my email so that I “could speak with our(their) IT”. Later on my mom called the library to affirm that they were no going to press charges for what I’d done.
I would love to continue with pentesting but I want to go about it in the right way. How should I go about learning and working as a network security consultant?
sry if to long