Welcome to Hacking :
To become a professional in IT Field ( whether you are a security Expert or a Black / White / Grey hat Hacker) , you need to know the information below ..This should be a Total Guide for newbiews ( a.k.a n00bs ) to Know where to start Hacking to learn !!!
1. Learn TCP/IP, Basic Information gathering,
Proxies, Socks, SSL, VPN, VPS, RDP, FTP, POP3,
SMTP, Telnet, SSH.
2. Learn Linux, Unix, Windows - You can do
this using vmware or any virtual desktop
utility.
3. Learn a programming language that's
compatible with all OS - Perl, Python, C, ASM
4. Learn HTML, PHP, Javascript, ASP, XML, SQL,
XSS, SQLI, RFI, LFI
5. Learn Reverse engineering and crack some
programs for serials easy ones like mirc,
winzip, winrar or old games.
6. Code a fuzzer for common protocols - ftp,
pop3, 80, 8080 - Pick some free software like
ftp server, mail server, apache or iis
webserver or a webserver all-in-one pack, or
teamspeak, ventrilo, mumble.
7. Code a tool that uses grep to sort out
unique code in source codes.
8. Make a custom IPtable, IPsec firewall that
blocks all incoming traffic and out going
traffic and add filters to accept certain ports
that your software or scripts use.
9. Pick a kernel in linux or unix, also pick a
Microsoft OS version lets say Winxp pro sp2
put them on the virtual desktops (vmware)
and find and code a new local exploit in those
versions, then install a Apache webserver on
the Linux/ Unix and a IIS webserver on the
winxp pro and attempt to find and code a
new local reverse_tcp_shell exploit.
10. Learn Cisco Router and Switch
configuration and setup.
11. Learn Checkpoint Setup and Config
12. Learn Wifi scanning, cracking, sniffing.
13. Pick a person in you phonebook for the
area code you live in or city then ring the
person on a anonymous line like skype or a
payphone or a carded sim and attempt to
social engineer the person for his name,
address, data of birth, city born, country born,
ISP connected with, Phone company
connected with, What bank he/she uses and
anything else you can get. Then Attempt to
ring using a spoof caller ID software with the
person's phone number - call the ISP and try
reset the password to his/her internet
connection/ webmail, get access to bank
account or ask them to send out a new *** to
a new address (drop) with a new pin, reset of
phone company passwords.
14. Use your information gathering skills to
get all the information off a website like a
shop then use the spoof callerID software or
hack your phone to show a new number of
the Webserver's Tech Support number then
ring the shop owner and try get the shop site
password.
15. Do the same thing but attempt to use a
web attack against a site or shop to gain
admin access.
16. Once got access upload a shell and
attempt to exploit the server to gain root
using a exploit you coded not someone else s
exploit.
17. Make your own Linux Distro
18. Use your own Linux Distro or use a vanilla
Linux gnome (not kde) keep it with not much
graphics so you can learn how to depend on
the terminal and start from scratch install
applications that you will only need for a
blackbox (Security test box), make folders for
fuzzers, exploits, scanners..etc Then load them
up with your own scripts and other tools ( By
this stage you shouldn't need to depend on
other peoples scripts).
19. Learn macosx and attempt to gain access
to a Macosx box whether it be your own or
someones elses.
20. Create a secure home network and secure
your own systems with your own Security
policies and firewall settings.
All this isn't a over night learning it will take a
nice 3 - 4 years to learn a bit of this 5+ years
to learn most of it and even then you may
need time to keep learn as IT keeps changing
ever day.
As long as your dedicated to learning you
won't have any problems and if you learn all
that you should easy get a job in any
company if you show proof that you can do
these things (print out scripts that you made
or put on disc) to show the companies.
Hope this helps ..
No comments:
Post a Comment