What are the initial steps to become a hacker?

As everyone says, the basics are what take you ahead!

To be a hacker (a real one):

1. Learn to program

Learning to make your own tools is a must for a hacker, so start by learning C/Python. As you advance, get your hands dirty with Ruby/Perl. These will help you write scripts to automate attacks and create tools.

Reason: Being a hacker means building your own tools to automate attacks, fuzz through input fields, and create tools customized for different environments according to the scenario.

Once you are adept at this, learn at least one server-side language (preferably PHP, otherwise JSP/ASP).

At a glance, the languages in which you need to be good at least at the basics:

1) C programming (for low-level attacks such as buffer overflows/memory attacks)
2) Java programming (helps you quickly code tools for security testing)
3) PowerShell (much needed for exploitation on Windows and red teaming attacks)
4) Python (a very handy scripting language needed for automating scripts, writing exploits and much more)
5) JavaScript/HTML/PHP (helps in understanding web application logic and performing in-depth penetration testing)
6) Assembly language is also needed to understand the low-level workings of operating systems and to create exploits accordingly.



2. Learn database

That’s where the heart of any site's information lies. Knowing SQL queries and database management systems will help you immensely in attacks such as SQL injection.

3. Linux and Shell Scripting

Oh yes! You will never find core hackers lurking in Windows.

To harness the true power of hacking, you have to get hands-on with Linux and shell scripting; most hacking tools are also found on Linux-based systems (BackTrack/Kali Linux).

4. Networking

Knowing the ins and outs of the TCP/OSI layers, IP classes, VLANs and subnetting is a must when it comes to network penetration testing.

All of the above is in a nutshell. Once you master them, you have a wide array of domains to choose from, including but not limited to:

a. Penetration Testing and Vulnerability Assessment
(Web Apps/Network/Mobile/Thick Clients/Web Services/VoIP/USSD/IoT/Cloud, etc.)
b. Binary/Network Fuzzing/Exploit Development/Hunting 0-days
c. Malware Analysis and Reverse Engineering
d. Cyber Forensics

How to enter into Cyber Security after college?

Start by joining a small startup firm that works in the cyber security domain. If you have been hired through campus recruitment, ask your business unit/management for a chance in the Application Security domain, where you can get to work in Vulnerability Assessment & Penetration Testing.

Tools of the trade:

Well, this is not an exhaustive list, but it is definitely an essential part:

1. Web application security testing: Burp Suite, Fiddler, OWASP ZAP
2. Network penetration testing and vulnerability assessment: Nessus, Nikto, Metasploit, NeXpose, Nmap
3. Web services penetration testing: SoapUI/Postman API (Chrome extension), Burp extensions
4. Thick client penetration testing: Burp/Fiddler/Mallory/Charles
5. Mobile application penetration testing:
Hopper/Burp Suite (for iOS apps)
AppUse/Dex2Jar/JD-GUI/Apktool/MobSF (for automated and manual testing of Android apps)
6. Reverse engineering and malware analysis: OllyDbg, WinHex, IDA Pro, Win32 Dasm, GDB, SoftICE, Immunity Debugger, Sysinternals, PEiD checker, UPX, Hex-Rays

Above all, it takes years of practice and hardcore research to keep learning and keep growing!

Coming up next: a part on free resources for practicing hacking and learning penetration testing.


Last but not least:

About certifications/ courses/ internships:

While many people suggest doing courses/certifications, they are not needed unless your plans ahead are different and diverse. With hands-on knowledge and sound practical experience, you can easily crack interviews.

Still, for people who are looking for certs:

0-1 year of experience: CEH (Certified Ethical Hacker) [very basic level, to learn about tools and terms]

2-4 years:

1. OSCP (Offensive Security Certified Professional) [a state-of-the-art, lab-based course for hands-on penetration testing]
2. GWAPT (SANS course for web app pentesting)
3. GMOB (SANS course for mobile pentesting)

More coming up!



