At some point you may have wanted to be a hacker, or you know someone who wants or wanted to be one. Being a hacker comes with a fancy feeling, and we all love the thought of possessing the skills. However, the journey is not easy. The industry is large and you need to define exactly where you want to be as a hacker.
I want to play sport, where should I start?
This open-ended and very ambiguous question is very similar to someone asking how they should go about getting into cyber security. The first thing to realize is that there is a huge range of cyber security fields, and within each of those huge fields is a lifetime’s worth of learning content. Just like picking a sport, there is no ‘best’; there are simply some areas you may enjoy more than others. Below are some of the sub-fields of cyber security:
- Web Application Security
- Mobile Application Security
- Reverse Engineering
- Malware Reverse Engineering
- Network Security
- Incident Response
- Standards Compliance
- Big Data Security
- Cloud Security
- Exploit Development
Some of these are more technical in nature, while others have more of a theoretical focus. As you already know, whatever you like, there are others out there who will find it boring, just as you will sometimes be bored by what others are interested in. Right now it’s expected that if you’re reading this you may know very little about any of these areas, but what’s important is your willingness to learn and what type of motivation you have.
The Hacking Type
One trademark that is almost universal among people throughout those fields is their focus on independent, self-directed learning. Unfortunately, in some ways security is still considered a ‘dark art’; I mean, why would anyone want to know how to break into a computer system unless they were going to do so? As a result, plenty of people will show anything from disdain to outright hostility when asked security-related questions, under the false (perhaps sometimes true) assumption that the asker is merely a script kiddie looking to learn to hack systems rather than someone wanting to learn and use that knowledge for a good purpose. It’s also a fact that the learning resources for information security are quite disjointed, with no real central repository of learning material.
The point of highlighting this is that if you wish to prosper and successfully enter the information security field, you should be prepared to jump in and find your way without waiting for someone to hold your hand and lead you down the right path. Google some of the above terms and see what sounds like fun. Despite what sometimes seems like a constant battle to find the best field to learn, or the best resource, or the best way to learn, more time is often spent procrastinating over these questions than actually learning. Look up videos on YouTube for hacking examples – it’s OK if you don’t know what a lot of it means, but write down a list, then Google those terms. Use points of interest to branch out into an ever-increasing web of knowledge around the topics you’re interested in.
Do I need to learn X first?
Of course you need to have a full knowledge of the OSI layer before you begin. Yes, you need to read that 1000-page book on the TCP protocol. Yes, you need to be proficient in 5 programming languages (at least!) before you consider hacking. Can you compile your own Linux kernel from source code? No? Don’t bother learning hacking. Actually… all of that is not true, yet it’s one of the most common responses given to people looking to learn information security. There is one requirement for becoming a decent hacker – interest. The difference between a future hacker and a script kiddie isn’t knowledge, it’s the willingness to learn.
Ok, I get the hint – I need to learn things myself, but can you at least give me a starting point?
Sure, there are a ton of great free or cheap resources out there to get started depending on what topic appeals to you. Here are some examples.
Web Application Security
- HackThisSite – Good for some basic web-based challenges (link)
- Enigma Group – Similar to HackThisSite (link)
- OWASP Top 10 – An idea of what the most common vulnerabilities are (link)
- OWASP Broken Web Apps – A virtual computer you can load up to practice hacking skills on your network (link)
- Pentesting Lab – Another web-focused virtual machine (link)
- In fact, anything from vulnhub that interests you is good (link)
- The Web Application Hacker’s Handbook – The book on web hacking and vulnerabilities (link)
Reverse Engineering / Malware Reversing
- Lena’s Tutorials – Known as pretty much one of the best introductions to reverse engineering (link)
- The Legends of Random – Again another solid set of tutorials for reverse engineering (link)
- Reversing: Secrets of Reverse Engineering – A good book on the foundations of reverse engineering (link)
- Practical Malware Analysis – A great book focusing on reversing malware (link)
- Malware Analyst’s Cookbook – Another book focusing on reversing malware (link)
- Virtual Machines dominate this category as they allow you to practice against real machines. Head to vulnhub and download any VM that looks interesting (link)
- Metasploit Unleashed – A solid run-through of the Metasploit testing framework, to be used in conjunction with VMs. (link)
- The Basics of Hacking and Penetration Testing – A very basic look at penetration testing, useful for those completely new to the field. (link)
- Metasploit – The Penetration Tester’s Guide – Another book focusing on the use of Metasploit in penetration testing (link)
- Because this is such a huge field, it’s often a matter of breaking it down into one aspect, then researching that aspect specifically. Blogs are your best friend here. (link)
- Corelan – This is by far the best resource out there for learning about exploit development. (link)
- FuzzySecurity – Another good learning resource with some tutorials available (link)
- Exploit-DB – One of the best things you can do is find examples of exploits (often with apps attached) and try and replicate the exploit independently (link)
- Hacking – The Art of Exploitation – A fantastic book that covers tons of different exploitation techniques (link)
- The Shellcoder’s Handbook – Another fantastic book on exploit development and shellcoding (link)
Other than that, Google, Google, and some more Google.
Outside of the free resources, you can also begin to get certificates to make yourself more appealing to employers if you wish to transition into the field as more of a career path. Some certifications we highly recommend would be the “Penetration Testing with Kali Linux” course from Offensive Security (link) if you’re interested in network security.
However, if you need to get a solid start in Information Security and have a good understanding of the above mentioned topics, feel free to apply for our courses here. We’ll take you from zero to where you’ll be comfortable to take any industry leading certifications.
If you’re looking at developing your programming skills, something like SecurityTube’s “Python for Pentesters and Hackers” (link) is a great foundation that will teach you how to do plenty of nifty things like building your own port scanners, password crackers etc. We don’t place huge value on the certifications they offer from an employment perspective, but we’d look at it more as a consolidated lump of knowledge and examples for sale, which can still be valuable.
The “Certified Ethical Hacker” course from EC-Council is another that is commonly mentioned. Honestly, it’s typically looked down upon, so we don’t think it’s necessarily worth the money – but if you need a formal course to learn things then it might be worth the money to you. A lot of these certifications and their value are discussed over at TheEthicalHacker.net’s forums located here.
Just seeing if you can
Hacking is all about gaining access to things that we’re not meant to. Creating an exploit, finding a SQL injection, password cracking: it’s all designed to move us towards the goal of taking control of the box we’re attacking. I guarantee almost every new hacker has started dreaming about “just seeing if they can” get access to that school website. “Just seeing if they can” gain access to the neighbor’s WiFi network. Sending their friend a trojan virus “just to see if they can” take control. Worse still, you might end up visiting places like HackForums.net and seeing a lot of people trying to infect others with RATs, build botnets etc. under the impression that this is hacking, or sadly that this is the only way you can learn.
We need to emphasize that this is not the case. Any “just seeing if you can” type of exercise can be replicated through the use of virtual machines, your own routers or even the capture the flag / wargame competitions out there. Being realistic, even if you can access another person’s machine, what are you going to do with it? Are you really going to try and steal credit card details and make fraudulent transactions? Are you really going to steal passwords and be paranoid that your activity is going to be traced back to you for the sake of peeking at someone’s emails? There have been plenty of examples of newbies being charged, not realizing the seriousness of the crimes they are committing. If you went for a job with the FBI and they had a look through your post history, would you like them to read that post about you asking how to host a botnet? It’s a classic example of how what’s on the internet is forever, and if you really want a career in information security you need that clean record to obtain any security clearances you’re going to need to do your job. Getting caught for stupid stuff just isn’t worth it.
So after a long ramble, what are the key points?
- A hacker will actively seek out information, not wait for others to give it to him
- The difference between a script kiddie and a new hacker is the desire to learn
- You need to experiment with a wide range of information security fields to find what interests you
- Don’t let anyone tell you that there are prerequisites for learning information security; there aren’t.
- It’s not worth “just seeing if you can” do anything that isn’t legal, the risk vs reward makes no sense for doing so
- With courses, wargames, capture the flags and more importantly virtual machines there is no hacking scenario that can’t be replicated legally
Have fun, sorry if it got preachy towards the end, and enjoy pwning boxes! Information security is an awesome field and you’ll be learning something new every day that you’re involved in it. There is no right answer for getting into the field apart from jumping into it with both feet. Get wet, learn to tread water and stay afloat; one day you might even be able to swim a little!