So let's start with me (sorry for my vanity).This is a translation of a very interesting foreign article.About the translation (it is not complete).Don't rush to leave.It is not complete because there are many other articles in one article, and there are more articles in these articles.The translation of the sub-articles and sub-articles will be in another topic (because I am not omnipotent).Stop talking, let's start.
How to Become a Hacker?
I am a "User Nickname" , my post is mainly for beginners who have no idea about hacking and want to learn Linux to be a hacker or penetration tester. Here I'm telling you the exact ways to become a successful hacker.
There are a lot of useful resources on the Internet to get started. But if you want to be a hacker, then you always need to collect the best knowledge
To get started, you will need several books. But in my personal experience, there are many books on the market, but they are not all written from the reader's point of view. Here I give some great books for learning Linux from scratch.
If you want to be a hacker, then you will need the perfect Linux OS for practice and penetration testing.
Finally, you'll need hacker resources to get started.
In this post, I give everything so that users can start learning Linux and become a penetration tester
Books: →
Also, you can read Hacking:
The Art of exploitation and
penetration testing: a practical approach.
These two books are also cool.
Operating system: →
Parrot KDE Security, from my experience I will tell you to use Parrot OS. Kali Linux is also very popular, but probably not for beginners.
See the differences between Kali Linux VS Parrot OS
Programming knowledge: →
To become a Hacker, you must learn at least (9-10) programming languages and master them.
Programming is the most difficult things, but interesting (it's funny when Bill Gates, Mark Zuckerberg and others say that they are very easy to show). It's sad that people want to become hackers without learning a single programming language.
It will be better if you master these languages: →
Python (very popular and easy to learn) (great value in hacking)
Shell programming language
C / C ++
Java
HTML5, PHP, CSS (not a programming language)
Ruby
jаvascript
Windows and PowerShell Batch scripts
In addition, there are also some modern programming languages such as Cpython Jython, etc. (They are designed for advanced purposes)
Skills: →
Becoming a hacker is very difficult. You will need some skills to become a successful hacker.
There are some required skills to become a hacker. Without them, you are not considered a hacker.
Fundamental skills: →
These are the basics that every hacker should know before even trying to hack. Once you have a good understanding of everything in this section, you can go to the intermediate level.
1. Basic computer skills:
Most likely, (naturally) in order to become a hacker, you need basic computer skills. These skills go beyond the ability to create Word documents or surf the Internet. You should be able to use the command line in Windows, edit the registry and configure network settings.
Many of these basic skills can be acquired in the basic computer skills course, for example, A+.
2. Networking skills:
You should understand the basics of networking, such as the following.
DHCP
NAT
Subnets
IPv4
IPv6
Public vs Private IP
DNS
Routers and switches
VLAN networks
OSI Model
MAC addressing
ARP
Since we often use these technologies, the better you understand how they work, the more successful you will be. Please note that I have not written the two guides below, but they are very informative and cover some of the basics of the network mentioned above.
Hacker Basics: A Tale of Two Standards
A guide for each user on how network packets are routed
3. Linux Skills:
It is extremely important to develop Linux skills to become a hacker. Almost all the tools we use as a hacker are designed for Linux, and Linux gives us capabilities that we don't have in Windows.
If you need to improve your Linux skills or you are just starting to work with Linux, check out the Linux for Beginners series below.
Linux Basics for a novice hacker
4. Wireshark or Tcpdump:
Wireshark is the most widely used protocol analyzer/analyzer, while tcpdump is a command line analyzer/analyzer. Both can be extremely useful in analyzing TCP/IP traffic and attacks.
Introduction to Wireshark and the OSI Model
Wireshark Filters for Wiretappers
5. Virtualization:
You should become proficient in using one of the virtualization software packages such as VirtualBox or VMware Workstation. Ideally, you need a safe environment to practice your hacks before bringing them out into the real world. The virtual environment provides you with a safe environment to test and refine your hacks before you start living with them.
6. Security concepts and technologies:
A good hacker understands security concepts and technologies. The only way to overcome the obstacles set by security administrators is to familiarize yourself with them. A hacker needs to understand things like PKI (Public Key Infrastructure), SSL (Secure Sockets layer), IDS (Intrusion Detection system), firewalls, etc.
A novice hacker can acquire many of these skills as part of a basic security course such as Security+.
How to Read and Write Snort Rules to Avoid IDS
7. Wireless technology:
To be able to hack a wireless network, you must first understand how it works. Things like encryption algorithms (WEP, WPA, WPA2), four-way handshake and WPS. Also, understanding things like the protocol for connection and authentication and the legal limitations for wireless technologies.
To get started, check out the wireless terms and Technologies getting started guide below, and then read our collection of Wi-Fi hacking guides for more information on each kind of encryption algorithms and examples of how each hack works.
Getting started with Wi-Fi terms and technologies
Beginner's Guide to hacking Wi-Fi
Intermediate skills: →
This is where things get interesting and you really start to feel your hacker capabilities. Knowing all this will allow you to move on to more intuitive hacking methods when you call all the frames, and not to any other hackers.
1. Scenarios:
Without scripting skills, a hacker will be forced to use the tools of other hackers. This limits your effectiveness. Every day there is a new tool that loses effectiveness as security administrators come up with protection.
To develop your own unique tools, you need to become proficient in at least one of the scripting languages, including the BASH shell. They must include one from Perl, Python or Ruby.
Perl scripting for a novice hacker
Scripts for a Novice Hacker, Part 1: BASH Basics
Scripts for a novice hacker, part 2: Conditional expressions
Scripts for a novice hacker, Part 3: Windows PowerShell
The final list of scripts for hacking Meterpreter from Metasploit
2. Database Skills:
If you want to be able to hack databases skillfully, you need to understand databases and how they work. This includes the SQL language. I would also recommend mastering one of the main DBMS, such as SQL Server, Oracle or MySQL.
Conditions and technologies that you need to know before starting work
Hunting for Microsoft SQL Server
SQL Server Password Hacking and Server Ownership
Hacking MySQL Online Database with Sqlmap
Extracting data from online databases using Sqlmap
3. Web Applications:
Web applications are probably the most fertile ground for hackers in recent years. The more you understand how web applications and the databases behind them work, the more successful you will be. In addition, you will probably need to create your own website for phishing and other nefarious purposes.
How to clone any website using HTTrack
How to redirect traffic to a fake website
4. Criminalistics:
To become a good hacker, you don't have to be caught! You can't become a professional hacker sitting in a prison cell for 5 years. The more you know about Digital Forensics, the better you will be able to avoid and avoid detection.
Digital Forensics, Part 1: Tools and methods
Digital Forensics, Part 2: Network Forensics
Digital expertise, Part 3: Recovery of deleted files
Digital Forensics, Part 4: Evading Detection during DoSing
12. Advanced TCP/IP:
A novice hacker needs to understand the basics of TCP/IP, but to rise to the intermediate level, you need to understand the TCP/IP protocol stack and fields in detail. They include how, among other things, each of the fields (flags, window, df, tos, seq, ack, etc.) in a TCP and IP packet can be manipulated and used against the victim system to allow MITM attacks.
13. Cryptography:
Although you don't need to be a cryptographer to become a good hacker, the more you understand the strengths and weaknesses of each cryptographic algorithm, the more chances you have to defeat it. In addition, a hacker can use cryptography to hide their activities and avoid detection.
14. Reverse Engineering:
Reverse Engineering allows you to open a piece of malicious software and rebuild it with additional features and capabilities. Just like in software development, no one creates a new application from scratch. Almost every new exploit or malware uses components of other existing malware.
Besides,
Reverse Engineering allows a hacker to use an existing exploit and change his signature so that he can fly past IDS and AV Detection.
How to change Metasploit payload signatures to avoid AV detection
Intangible Skills: →
Along with all these computer skills, a successful hacker must have some intangible skills. These include the following.
1. Think creatively:
There is ALWAYS a way to hack the system and there are many ways to do it. A good hacker can creatively think of multiple approaches to the same hack.
A Guide to Social Engineering
CryptoLocker: Innovative and Creative Hacking
2. Problem solving skills:
A hacker always faces seemingly unsolvable problems. This requires the hacker to get used to thinking analytically and solving problems. This often requires a hacker to diagnose exactly what is wrong and then break the problem down into individual components. This is one of those abilities that comes with many hours of practice.
Problem solving is an important hacker skill
3. Constancy:
A hacker must be persistent. If you fail at first, try again. If that doesn't help, come up with a new approach and try again. Only with perseverance will you be able to hack the most secure systems.
So, do you want to become a hacker?
I hope this gives you some guidance as to what you need to learn and master in order to rise to the intermediate level of hacking. In the next article I will tell you what you need to master to rise to the advanced level or the level of a master hacker, so keep coming back, my novice hackers!
Hacking phases: →
Basically there are five phases in hacking
It is not necessary for a hacker to follow these five steps sequentially. This is a step-by-step process, and when it is performed, it gives the best result.
1. Exploration:
This is the first step of hacking. It is also called the fingerprint collection and information gathering stage. This is a preparatory stage where we collect as much information about the goal as possible. We usually collect information about three groups,
host network
People involved
There are two types of Footprinting:
Active: Directly interacts with the target to gather information about the target. For example, using the Nmap tool to scan a target
Passive: Attempts to collect information about the target without direct access to the target. This includes collecting information from social networks, public websites, etc.
2. Scanning:
Three types of scans are involved:
Port scanning. This phase includes scanning the target information for open ports, Live systems, and various services running on the host.
Vulnerability Scanning: Checking the target for weaknesses or vulnerabilities that can be exploited. Usually done with automated tools
Network mapping: Determining the network topology, routers, firewall servers, if any, as well as host information and drawing up a network diagram with available information. This card can serve as valuable information throughout the hacking process.
3. Gaining access:
At this stage, the attacker breaks into the system/network using various tools or methods. After logging in, he must elevate his privileges to the administrator level so that he can install the application he needs or change the data or hide the data.
4. Maintaining access:
A hacker may simply hack into the system to show that it is vulnerable, or he may be so malicious that he wants to keep or keep the connection in the background without the user's knowledge. This can be done with the help of Trojans, rootkits or other malicious files. The goal is to keep access to the target until he completes the tasks he planned to complete in that target.
5. Track cleaning:
No thief wants to be caught. An intelligent hacker always cleans up all the evidence, so that at a later point in time no one will find any traces leading to him. This includes changing/corrupting/deleting log values, changing registry values and deleting all the applications he used and deleting all the folders he created.
Hacking resources: →
First I will tell you that in Pentesing OS you will use more and more penetration testing tools for various types of hacking.
But did you notice that the maximum number of tools was taken from GitHub???
Yes, from GitHub!!!
So, here I give you a list of interesting resources from GitHub to start hacking.
Not amazing resources here The Book Of Secret Knowledge
Also, try to find other hacking tools and their manuals on GitHub (if possible, join open source software development programs)
Practice things: →
Indeed, practice makes a person perfect. You have to practice more and more to enrich your skills in this field of hacking. To do this, you can first target your own machines (not the host computer). Try to find vulnerabilities and try to gain access
There are many websites on the internet where you can practice hacking skills, for example, HackTheBox, to test your hacking skills and use CTF. Some of them are posted on our website (this website). Try to solve the problems and find the answer. If you are constantly failing, you need to practice more and then you will be able to solve the problem.
Finally: →
People laughed when I say Google & TOR is your best friend
for gathering skills to become a hacker
Just look for things with the exact name and goals, and you will get them (Knowledge is free, but it depends on how you use it)
Try to learn from the hints and try to analyze them. In addition, to become a successful hacker, you have to learn more and more programming languages. At least that's what I mentioned (not telling you to learn every syntax and every use of these programming languages)
It's really not easy for me to become a Hacker. People really fail in this section of learning, as they cannot continue the process of continuous learning and self-assessment.
Hacking is a widely used field of information technology and security. Now it has become a billion-dollar industry. The media is another factor contributing to the promotion of so-called hackers, and such hackers are becoming an idol for newcomers, and the cybersecurity training industry uses them.
In the mid-80s and 90s, hacking was called a software subculture of the developer community. But later he was disguised by morons from the media who know little about hacking and security technologies.
The media falsely associate hacking with cybercrime. Some jerk started using a very nice word, ethical, to precede hacking, and it became ethical hacking. It's just ridiculous.
Over the years, there has been a huge increase in cybersecurity training. Most of them are just fake. And innocent young people who consider cybersecurity a demanding field of computer science tend to become hackers.
No one can become a hacker with street courses like CEH. No one can become a successful hacker (LOL!) With the help of two or three years of meaningless graduate courses or diplomas. To become a successful security expert, it takes a lot of sweaty hours to study and a lot of sleepless nights to understand many systems.
People who can't handle the CLI should just leave the information security field. In addition, system scripting languages such as bash, csh, sh, perl, python must write their own code to work with systems and communicate with the network. Using a simple tool available in Kali Linux or using Metasploit, etc., does not mean that you are a good security specialist or a so-called hacker.
I often see a question about how Quora asks if I'm stuck in the CLI or something like that, Kali Linux or any other Linux distribution are also hacker contenders. It's like swimming in the deep sea after a one- or two-day swimming training course.
Cybersecurity is a matter of your own experience with vulnerabilities and threats. I have witnessed many students who have successfully completed hacking courses like CEH and are still trying to escape if stuck in simple Linux.
So-called ethical hacking is a meaningless thing in cybersecurity. Do you really think you'd really like to be a lamb?
Everyone just wants an easy success. But believe me, to become a successful hacker, it really takes years and a huge sacrifice to become a professional
Practice will help you more and more in this. So you choose which types of hackers you want really depends on your choice and job.On such a philosophical note, I finished the translation of the article.And I want to say from myself that no matter how super duper hacker you are, you can't stop in your development.If you stop, others will overtake you.As Lenin said, he is learning!Learning and Learning again!