Thursday, 22 February 2018

What are the initial steps to become a hacker?

As everyone says, the basics are what take you ahead!

To be a hacker (a real one):

1. Learn programming! (It's not an option but a must.)

Learning to make your own tools is a must for a hacker. Start by learning C/Python. As you advance, get your hands dirty with Ruby/Perl. These will help you write scripts to automate attacks and create tools.

Reason: Being a hacker means building your own tools to automate attacks, fuzz input fields and create tools customized for different environments according to the scenario.

Once you are adept at this, learn at least one server-side language (preferably PHP, otherwise JSP/ASP).

At a glance, the languages you need to be good at, at least in the basics:

1) C programming (for low-level attacks such as buffer overflows/memory attacks)
2) Java programming (helps to quickly code tools for security testing)
3) PowerShell (much needed for exploitation on Windows and red teaming attacks)
4) Python (a very handy scripting language needed for automating scripts, writing exploits and much more)
5) JavaScript/HTML/PHP (helps in understanding web application logic and performing in-depth penetration testing)
6) Assembly language (needed to understand the low-level working of operating systems and to create exploits accordingly)


2. Learn databases!

That's where the heart of any site's information lies. Knowing SQL queries and database management systems will help you immensely in attacks such as SQL injection.

3. Linux and Shell Scripting.

Oh yes! You will never find core hackers lurking in Windows.

To harness the true power of hacking, you have to get hands-on with Linux and shell scripting. Most of the hacking tools are also on Linux-based systems (BackTrack/Kali Linux).

4. Networking

Knowing the ins and outs of the TCP/OSI layers, IP classes, VLANs and subnetting is a must when it comes to network penetration testing.

All of the above is in a nutshell. Once you master them, you have a wide array of domains to choose from, including but not limited to:

a. Penetration Testing and Vulnerability Assessment
(Web Apps/Network/Mobile/Thick Clients/Web Services/VoIP/USSD/IoT/Cloud etc.)
b. Binary/Network Fuzzing/Exploit Development/Hunting 0-days
c. Malware Analysis and Reverse Engineering
d. Cyber Forensics

How to enter cyber security after college?

Start by joining a small startup firm that works in the cyber security domain. If you have been hired on campus, ask your business unit/management for a chance in the application security domain, where you can get to work in Vulnerability Assessment & Penetration Testing.

Tools of the trade:

Well, this is not an exhaustive list, but these are definitely essential:

1. Web application security testing: Burp Suite, Fiddler, OWASP ZAP
2. Network penetration testing and vulnerability assessment: Nessus, Nikto, Metasploit, NeXpose, Nmap
3. Web services penetration testing: SoapUI / Postman API (Chrome extension), Burp extensions
4. Thick client penetration testing: Burp / Fiddler / Mallory / Charles
5. Mobile application penetration testing:
Hopper / Burp Suite (for iOS apps)
AppUse / Dex2Jar / JD-GUI / Apktool (for automated and manual testing of Android apps)
6. Reverse engineering and malware analysis: OllyDbg, WinHex, IDA Pro, Win32 Dasm, GDB, SoftICE, Immunity Debugger, Sysinternals, PEiD checker, UPX, Hex-Rays

Above all, it takes years of practice and hardcore research to keep learning and keep growing!


Coming up next: a part on free resources to practice hacking and learn penetration testing.


Last but not least:

About certifications/courses/internships:

While many people ask about doing courses/certifications, they are not needed unless you have different and diverse plans ahead. With hands-on knowledge and sound practical practice, you can crack interviews.

Still, for people who are looking for certs:

0-1 year of experience: CEH (Certified Ethical Hacker) [very basic level, to learn about tools and terms]

2-4 years:

1. OSCP (Offensive Security Certified Professional) [a very state-of-the-art, lab-based course for hands-on penetration testing]

2. GWAPT (SANS course for web app pentesting)
3. GMOB (SANS course for mobile pentesting)

More coming up!
