The Secret step-by-step Guide to learn Hacking — Spoonfed Edition!
Ez pz, right ?
Totally clickbait, I know.
Note : This guide is for someone who wants to be professional pentester or cybersecurity engineer not some kid who wants into hack their friend’s Facebook or neighbor’s Wi-Fi.
If you want to be a professional Hacker/pentester you have to go through hell(I mean it)
I have seen many people asking me that “hacking sounds very interesting where do I start”, and “can I become a hacker if i learn Kali Linux” ?
Answer #1: This blog post is for you.
Answer #2: No. Never. Kali Linux is kind of an end-product for Hackers. It has 300+ tools tailor made for Penetration testing(pentester). So before jumping into Kali Linux follow these steps.
Hacking = Programming + OS + Networking + databases + webapps + Linux + Hardware + Everything.
1. Setup a Virtual Lab
Retrieve a virtualization system (VirtualBox, VM player) and install Linux. Use a traditional distribution like Ubuntu not a security related one(like Kali).
Learn Basic Linux commands like navigating file systems, directories.
Understanding file system,giving/taking permissions to file and folders etc.
Then move on to shell scripting it’s easy and powerful.
3. Start with coding and learn:
That’s all you need to get started for now. If you have your Linux machine ready and basics of Linux and python clear, you are on your way !
Side Note: Watch TV Show called Mr. Robot (Available on amazon prime). Thank me later !
Step 0x01 — more clickbait
Watch these videos to get a sense of what it means to learn hacking.
Read this reddit thread.
Step 0x02 — Intro To CTFs
What is CTF? An introduction to security Capture The Flag competitions:
Play CTF! A Great Way to Learn Hacking by liveoverflow on Youtube:
Step 0x03 — Play some CTFs
^John Hammond has a discord server. Do join it. Connect with infosec people, talk to them, ask them for advice in where you are stuck. The infosec community is great if you know how to ask questions. Learning with a community is the best way to learn.
STEP 0x04 — More on CTFs
These will help you alot as you tackle CTF challenges.
CTF Field Guide: https://trailofbits.github.io/ctf/
STOP WASTING YOUR TIME AND LEARN MORE HACKING!
Step 0x06 — Pick a lane!
Now that you have seen what hacking is, what CTFs are, played a few, and got a broader idea of what different domains are there in cyber security..
- Reverse Engineering/Binary exploitation:
John Hammond’s RE playlist
Liveoverflow’s RE playlist
- Web Security:
Read this blog post.
John Hammond’s Web Security playlist
PwnFunction’s channel on Youtube
John Hammond’s Steganography playlist
John Hammond’s Forensic Playlist
John Hammond’s Crypto Playlist
Pick one domain you like or are most interested in. Give it ample time, reading writeups, watching walkthroughs and regularly participate in CTFs and try to tackle the challenges of your chosen domain.
If you are not able to solve, don’t worry, read the writeups/solutions posted after the CTF ends on https://CTFtime.org/. See what you were doing wrong, what was missing. Most importantly, play with your friends as a team. That’s the best way to learn.
A few things to remember:
- There is no secret step-by-step guide to learn hacking. Although I hope this was somewhat helpful.
- The resources provided in this blog post are the one’s which personally helped me and that’s why I decided to share with you. Don’t expect to be spoonfed at every hurdle along the way.
- The YouTube channels I mentioned, the blog links, the cheat-sheets and guides are overflowing with knowledge. There’s so much more content in those links, blog pages and channels only. Scrape it, search for it. If you can’t find what you are looking for, It’s not because It doesn’t exist. It’s because you are going about it the wrong way.
- Don’t be overwhelmed by thinking there’s so many links, so many videos. There’s no predefined time limit for you to complete all this in. Take your time, continue your learning whenever you can.
- Cybersecurity is a very interesting field.
It’s not just hacking your friend’s Facebook or your neighbor’s Wi-Fi. However, here’s some good sauce for such mischief unmanaged: https://null-byte.wonderhowto.com/
Will be updated after first session of Cybersecurity club, Rooters — Techspace, USICT.
Thanks for reading, happy hackin’! ~ Eshaan7