I am assuming you have permission to be doing such activities. If that’s the case, here’s my answer:

Theoretically, yes. Is it plausible? That’s another story. It really depends on the security restrictions in place.

i know that you are a good guy and that if u ll find a vulnerability you’ll report it them :)

if i was you, i ll check the type of the website first (if it’s wordpress, joomla….)
if wordpress i ll use wpscan or Wordpresscan (wpscan written on python+some features) to search vulnerabilities that i can exploit
if joomla i’ll use joomlavs/JoomlaScan
i ll search for vulnerabilities and info using nikto
i’ll also check for any sql vulnerabilities that are really frequent in college/university websites == this will allow me to get all the database and with some luck i’ll find the admin user and password on it

knowing that teachers have in some cases access to the website, i can do what we call a social engineering , i’ll send them an email where for example i ask a question about a lesson and i ll join an encrypted payload (a clean payload in a pdf, doc, image …) and when it will open it i ll get access to his pc, and here i ll check passwords that he saved in firefox for example and check if there are the one that i search (college website password) otherwise i ll configure a keylogger (to see all what he writes) and when it will access to the website with his username and password i ll receive them :) , or i can also send another payload to the admin from the teacher’s email (he will trust it ) :)
…. be creative :)

with the bruteforce it’s possible that it takes days or even weeks and in the end you won’t get any results.

I checked the website it doesn’t have wordpress, joomla or any other CMS. They just uploaded some html and css pages and there is no backend. Website login panel is through cpanel. But there is an email address and I like those above attack techniques provided by you.

Just don’t forget to not do anything illegal.

Yes I will take care of that

We trust you completely.

and yeah take care
in my country most of thing are legal , and they are so noob in this domain :) so I almost allow myself almost everything

And moral never stops you? Personally, what stops me form doing things is my ethic, and only then the laws. Laws are like computer in some points: they are a set of rules to make a society behave in a certain way just like a program is a set of instruction to control a computer. Laws can be hacked too if you really know what you are doing, so the limit has to first be your ethic. Laws come next, but should still be respected.

my moral will stop me when i ll do something wrong.

i dont destroy anything,
i dont create any trouble
i dont edit anything (information or other)
i notify the owner when I find a problem or something suspicious.

and when I want to test some things, I create a backup of what I find, I test what I want and I put everything back in as I found it.
because otherwise it won’t be possible, no one will let you test things on their servers. and to learn a lot more you have to try, you have to dare or you’ll just turn around in the same circle.

GreyHat

@dloser I second your comment. Unlimited trust.

I agree but only with your last message @ghost-287 I consider myself as a GreyHat too but ethics is a huge part about our “job”

@DIDIx13 This could actually make for an interesting discussion. Traditionally, they labels of white hat, grey hat, and black hat have been used to categorize hackers based on the actions and motives of hackers. The question an element that has emerged in recent years, though; it is one that your post suggests. Are the labels a form of admonishment to act a certain way? Do our actions produce our labels or do our labels produce our actions? And if the latter is true, doesn’t that undermine the free nature of hackerdom?

What are your thoughts?

My english is too poor to pronounce all of my thoughts about labels and everything. Sorry @x2600 :(

Btw I could easily explain myself if we meet one time, but writing sigh

And, what are your thoughts ? I’m interested too :)

What I think is with great power comes great responsibility and as a hacker you should use that power wisely

@SilentKiller44 That’s a sound ethical take on the whole thing. What would you say the responsibility of each type of hacker is? Also, would you say that when you have a particular label (like grey hat), that you’re responsibility is to act like a grey hat hacker would?

@DIDIx13 I like the idea of everyone fitting into particular groups (like white hats, grey hats, and black hats), but I think people shift from one hat to another as time goes on, or as circumstances change.

About responsibility: For me, my biggest apprehension in accepting the newer hacker culture is that we’re supporting an age of “penetration testers,” and not an age of new hackers. The rich and deep culture that hackers experience may change so much that it will be unrecognizable. I mentioned to a coworker once that I was interested in computer security, or the lack thereof. He immediately got excited and said “Oh… you mean like kali linux.” You can guess my expression. The majority of people new to hackerdom don’t know anything beyond a linux distro, and they’re missing out on the depth of the culture. So responsibility is great, but my opinion is that hackerdom is best seen in shades of grey.

Hmm I will quote this thank you @x2600 (actually I’ve never used a Linux distro or Ubuntu for a client that’s all but I really should get the hell out of windows. )

@x2600 glad that people thinking this way still exist in this world! Let’s hope the whole hacking culture won’t die with the time

@Mugiwara27 Yes, let’s hope, my friend.