How
to Become a
Hacker (Everything that
the hacker know
now you know)
Learning to
become hacker is not as easy as learning to become a software developer. I
realized this when I started looking for learning resources for simple hacking
people do. Even to start doing the simplest hack on own, a hacker requires to
have in depth knowledge of multiple topics. Some people recommend minimum
knowledge of few programming languages like C, Python, HTML with Unix operating
system concepts and networking knowledge is required to start learning hacking techniques.
Though knowing a lot of things is required,
it is not really enough for you to be a competent and successful hacker. You
must have a passion and positive attitude towards problem solving. The security
softwares are constantly evolving and therefore you must keep learning new
things with a really fast pace.
If you are
thinking about ethical hacking as a career option, you may need to be prepared
for a lot of hard/smart work. I hope these free resources will help you speed
up on your learning. If you decide you pursue ethical hacking as a career
option, you may also want to read some in depth ethical hacking books
.
A
lot of people (including me before doing research for this article) think that
they can become a hacker using some free hacking tools available on web. Its
true that some common types of hacking can be easily done with help of tools,
however doing it does not really make you a hacker. A true hacker is the one
who can find a vulnerability and develop a tool to exploit and/or demonstrate
it.
Hacking is not only about knowing ”how
things work”, but its about knowing ”why things work that way” and ”how can we
challenge it”.
Below are some really useful hacking
tutorials and resources you may want to explore in your journey of learning to
hack
[1]
Hacking For Dummies - Beginners
Tutorials
These
tutorials are not really simple for anyone who is just starting to learn
hacking techniques. However, these should be simple starting point for you. I
am sure you have different opinion about complexity of each tutorial however
advanced hacker are going to be calling this a job of script kiddie (beginner
hacker). Even to acquire the skills of a script kiddie you need to have good
understanding of computer fundamentals and programming.
1. [2]Hacking Tutorials for Beginners -
By BreakTheSecurity.com
2. [3]How to learn Ethical hacking - By
Astalavista.com
3. [4]Penetration Testing Tutorial - By
Guru99.com
4. [5] Backtrack Penetration Testing
Tutorial
5. [6] Introduction to Penetration
Testing
6. [7] Information Gathering with Nmap
7. [8]Simple How To Articles By Open Web
Application Security
8. [9] The Six Dumbest Ideas in Computer
Security
9. [10] Secure Design Principles
10. [11] 10 steps to secure software
Cryptography Related Tutorials
Cryptography
is must know topic for any aspiring security professional or a ethical hacker.
You must understand how encryption and decryption is done. You must understand
why some of the old encryption techniques do not work in modern computing
world.
This
is a important area and a lot of software programmers and professional do not
understand it very well. Learning cryptography involves a lot of good
understanding of mathematics, this means you also need to have good fundamentals
on discrete mathematics.
1. [12] Introduction to Public Key
Cryptography
2. [13] Crypto Tutorial
3. [14] Introduction to Cryptography
4. [15] An Overview of Cryptography
5. [16]Cryptography Tutorials - Herong’s
Tutorial Examples
6. [17]The Crypto Tutorial - Learn How to
Keep Secret Secret
7. [18] Introduction to cryptology, Part
1: Basic Cryptology Concepts
BlogBook
websites For Security Related Articles
And News
These
are some websites, that you may find useful to find hacking related resources
and articles. A lot of simple tricks and tips are available for experimenting
through these sites for improving yourself to become advanced hacker.
In recent
years, many people are aspiring to learn how to hack. With growing interest in
this area, a lot of different types of hacking practices are evolving. With
popularity of social networks many people have inclined towards vulnerability
in various social networks like facebook, twitter, and myspace etc.
Continuous
learning about latest security issues, news and vulnerability reports are
really important for any hacker or a security professional. Some of the sites
that keep publishing informative articles and news are listed here.
1.
[19]
http://www.astalavista.com/
2.
[20]
http://packetstormsecurity.com/
3.
[21]
http://www.blackhat.com/
4.
[22]
http://www.metasploit.com/
5.
[23]
http://sectools.org/
6.
[24]
http://www.2600.com/
7.
[25]
DEF CON - Hacking conference
8.
[26]
http://www.breakthesecurity.com/
9.
[27]
http://www.hacking-tutorial.com/
10. [28] http://www.evilzone.org/
11. [29] http://hackaday.com/
12. [30] http://www.hitb.org/
13. [31] http://www.hackthissite.org/
14. [32] http://pentestmag.com
15. [33] http://www.securitytube.net/
16. [34] https://www.ssllabs.com/
EBooks And Whitepapers
Some
of the research papers by security experts and gurus can provide you a lot of
information and inspiration. White papers can be really difficult to read and
understand therefore you may need to read them multiple times. Once you
understand the topic well, reading will become much faster and you will be able
to skim through a lot content in less time.
1.
[35]Handbook
of Applied Cryptography - This ebook contains some free chapter from one of the
popular cryptography books. The full book is also available on amazon at [36]Cryptography
Book.
2.
[37]
Network Penetration testing Guide
3.
[38]
How to hack anything in Java
4.
[39]
Mcafee on iPhone and iPad Security
5.
[40]A
Good Collection of White papers on security and vulnerabilities - This site
contains collection of white papers from different sources and some of these
white papers are really worth referring.
6.
[41]
Engineering Principles for Information Technology Security
7.
[42]
Basic Principles Of Information Protection
8.
[43]Open
Web Application Security Project - OWASP is one of the most popular sites that
contains web application security related information .
Videos & Play Lists
Those who
like to watch video tutorials, here are few I liked. However there are many
small video available on youtube. Feel free to explore more and share with us
if you like something.
1.
[44]
Cryptography Course By Dan Boneh Stanford University
2.
[45]Open
Security Training- Youtube Playlist of More than 90 hours. I have found this to
be the biggest free training available for security related topic.
3.
[46]OWASP
AppSec USA 2011: Youtube Playlist containing compilation of OWASP conference
high-light in 2011.
4.
[47]Defcon:
How I Met your Girlfriend - Defcon is one of the most popular hacker
conference. The presenters in this conference are well know inside the hacking
industry.
5.
[48]
Defcon: What happens when you steal a hackers computer
6.
[49]
Defcon: Nmap: Scanning the Internet
7.
[50]Public
Key Cryptography: Diffie-Hellman Key Exchange
8.
[51]
Web application Pen testing
9.
[52]
Intro to Scanning Nmap, Hping, Amap, TCPDump, Metasploit
Forums For Hackers And Security Professionals
Just
like any other area, forums are really great help for learning from other
experts. Hundreds of security experts and ethical/non-ethical hackers are
willing to share their knowledge on forums for some reason. Please keep in mind
to do enough research before post a question and be polite to people who take
time to answer your question.
1.
[53]
Stackoverflow for security professionals
2.
[54]
http://darksat.x47.net/
3.
[55]
http://forums.securityinfowatch.com/
4.
[56]
http://forums.cnet.com/spyware-viruses-security-forum/
5.
[57]
http://www.hackforums.net/forumdisplay.php?fid=47
BlogBook
Vulnerability
Databases And Resources
Vulnerability
Databases are the first place to start your day as a security professional. Any
new vulnerability detection is generally available through the public
vulnerability databases. These databases are a big source of information for
hackers to be able to understand and exploit/avoid/fix the vulnerability.
1.
[58]
http://www.exploit-db.com/
2.
[59]
http://1337day.com/
3.
[60]
http://securityvulns.com/
4.
[61]
http://www.securityfocus.com/
5.
[62]
http://www.osvdb.org/
6.
[63]
http://www.securiteam.com/
7.
[64]
http://secunia.com/advisories/
8.
[65]
http://insecure.org/sploits _all.html
9.
[66]
http://zerodayinitiative.com/advisories/published/
10. [67] http://nmrc.org/pub/index.html
11. [68] http://web.nvd.nist.gov
12. [69] http://www.vupen.com/english/security-advisories/
13. [70] http://www.vupen.com/blog/
14. [71] http://cvedetails.com/
15. [72]
http://www.rapid7.com/vulndb/index.jsp
16. [73] http://oval.mitre.org/
Product Specific Vulnerability Information
Some of the
very popular products in the world require a special attention and therefore
you may want to look at the specific security websites directly from vendors. I
have kept Linux. Microsoft and apache in this list, however it may apply to any
product you may be heavily using.
1.
[74]
Red Hat Security and other updates Site
2.
[75]
Microsoft Products Security Bulletin
3.
[76]
Apache Foundation Products Security Repository
4.
[77]
Ubunut Software Security Center
5.
[78]
Linux Security Repository
Tools And Programs For Hacking /
Security
There
are dozens of tools available for doing different types of hacking and tests.
Tools are really important to become more productive at your work. Some of the
very common tools that are used by hackers are listed here. You may have
different choice of tools based on your own comfort.
1. [79] nmap
2. [80] NSS
3. [81] Hping
4. [82] TCPDump
5. [83] Metasploit
6. [84] Wireshark
7. [85] Network Stuff
8. [86] Nikto
Summary
I have tried to compile some of these resources for my
own reference for the journey of learning I am going to start. I am not even at
a beginner level of becoming hacker but the knowledge of this field really
fascinates me and keeps me motivated for learning more and more. I hope will be
able to become successful in this.
A lot of people use their knowledge skills
for breaking stuff and stealing. I personally think that doing harm to someone
is a weak choice and will not have a good ending. I would recommend not to use
your skills for any un-ethical endeavor. A single misuse of your skill may
jeopardize your career since most companies do a strict third party background
check before they hire a ethical hacker or a security personal.
There
are dozens of companies looking for ethical hackers and security professionals.
There are really good number of opportunities in this area and its really niche
compensation segment. You will be easily able to get a decent job without even
acquiring all the expert level skills to become a pro hacker.
You Also try hack so make perfect in Android Category
because when you out of house you have no laptop (your heart ) ,[87]you
learn android and the show is must go on.
BlogBook
Comments
Post a Comment