Want to Learn Real Hacking? If so, you are in the right place. The Reason why i have written this article is Because a lot of people randomly approach me and i have to spend at least 10 minutes on every person trying to explain them how to learn hacking and giving the some good resources to learn from.
If you are serious about learning Ethical Hacking or perhaps making a career in cybersecurity as a hacker/penetration tester, I highly recommend you to read this article carefully. This article is about my personal path. The things i have learnt and the resources that helped me gain the knowledge I have today.
So let’s get started. assume you are a beginner and a “script kiddie” (if you don’t know what this word is, Google it!!). Firstly stay curious and clear your basics about computers, computer hardware, how OS works, basic networking and get yourself familiar with using Linux commands.
Watch and finish this playlist by Hackersploit. It is one of the best YouTube playlist to learn hacking from scratch as a beginner. It has 175+ videos in total and this channel is very helpful for beginners:
Focus on clearing your fundamental first. People can Help/Guide/Assist You or even teach you to a certain extent but it is you who has to put in the efforts.
After finishing this, try to gain knowledge of the CEH Certification. [NOTE]: Avoid going for the CEH Certification exam. What i am telling you is to cover it’s syllabus. Research on the topics and practice them. Use internet & YouTube to learn about these topics:
Chapter 1: Introduction to Ethical Hacking
What is Hacking
What is Ethical Hacking
Types of Hackers
White Hat Hacker
Black Hat Hackers
Gray Hat Hackers
Script Kiddies
Hacktivists
Spy Hackers
Cyber Terrorists
Vulnerability
Exploit
Remote Exploit
Local Exploit
Zero-day
Zero-day vulnerability
Zero-day Exploit
Brute force attack
Phishing
Remote access
Payload
Chapter 2: Foot Printing and Reconnaissance
Passive Information Gathering
Active Information Gathering
Search Engine Foot printing
Website Foot printing
Social Media Analysis
Network Analysis
Chapter 3: Scanning Networks
Reconnaissance
Host Discorvery
Banner Grabbing
Port Scanning
Service Scanning
OS Fingerprinting
Traceroute Analysis
Chapter 4: Enumeration
Network Enumeration using tools like ARP, DNS Queries and SNMP
Service Enumeration using Nmap
Web Application Enumneration (BurpSuite, OWASP ZAP, Nikto, DirBuster)
Metasploit
Vulnerability Scanning
User Enumeration (enum4linux, ldapsearch, hydra)
Email Enumeration (Maltego, theHarvester)
Chapter 5: Vulnerability Analysis
Assets Identification
Vulnerability Assessment
Risk Classification
Prioritizing the Risk
Validation
Reporting
Chapter 6: System Hacking
Network Scanning
Enumeration
Exploitation
Gaining Access
Post Exploitation
Privilege Escalation
Maintaining Access
Covering Tracks
Chapter 7: Malware Threats
Viruses
Worms
Trojan Horse
Spyware
Adware
Backdoor
Rootkits
Ransomware
Chapter 8: Sniffing
Wireshark
Packet Capture using Waireshark
Packet Analysis
Packet Decoding
Data Extraction
Session Hijacking
Packet Injection
Chapter 9: Social Engineering
OSINT
Phishing
Pretext Development (Creating a Believable Story)
Impersonation
Spamming
Information Extraction
Chapter 10: Denial-of-Service
Resource Exhaustion
Traffic Generation
SYN/ACK Floods
HTTP/S Flood Attack
Spoofing
BOTNET
DDoS (Distributed Denial-of-Service Attack)
Chapter 11: Session Hijacking
Session Token Acquisition
Packet Sniffing
Cross-Site Scripting (XSS)
Man-in-the-Middle Attack (MitM)
Brute Force Attack
Cookie theft
Detection Evasion
Evading IDS, Firewalls, and Honeypots
Introduction to firewall, intrusion detection system (IDS), and honeypot evasion techniques. The tools like Nmap, hping, snort, Firewalk used to audit a network perimeter for weaknesses; and countermeasures.
Chapter 12: Hacking Web Servers
Information Gathering
Web Server Fingerprinting
Crawling and Mapping the web servers
Authentication and Authorization Testing
Session Management Testing
File Uploading Testing
Security Misconfiguration
Reporting
Chapter 13: SQL Injection
Malicious Input SQL Queries
SQL Query Manipuation
Union-based Attack (Very Imp.)
Time-Based and Error-Based SQL Injection
Prevention
Chapter 14: Hacking Wireless Networks
WPA/WPA2
SSID Enumeration
Evil Twin Attack
Man-in-the-Middle Attack
DDOS
De-authentication Attacks
Jamming the Network
Chapter 15: Hacking Mobile Platforms
Gathering Information About Mobile
Threat odelling
Static Analysis (Source Code Review, Binary Analysis)
Dynamic Analysis (App Interception, Runtime Analysis)
Reverse Engineering
Data Storage Analysis
Code Temptation
— — — — — — — — — — — — — — — — — — — — — — — — -
If You have completed STEP 1 and STEP 2 (The Hackersploit’s Video Playlist and the CEH Syllabus given above). Now you have a decent knowledge of what Hacking and Penetration testing is and you can now explore many other things.
Start solving CTFs and Boot to Root Machines on Vulnhub, Try Hack Me or Hack The Box. The time has come to learn the real practical hacking…
Start solving CTF which is the most fun way to learn hacking. If feels like a game. I consider CTFs as the best resource to learn real practical hacking. Try to start with some easy boxes from Vulnhub(such as metasploitable 2 and mr robot ctf) and move on to some hard ones. In CTF you will be applying all the knowledge you have gained. It gets harder as you proceed but you will learn something new and unique in every machine. If you get stuck, watch the walkthrough(solution) on YouTube or read it on google and understand and solve it. When you learn something new in a CTF, find out more about it and make Notes. Avoid the temptation of watching walkthroughs(solutions).See it only if you have spent hours trying to solve but failed to find the solution. CTF platforms such as HackTheBox and TryHackMe are best platform to learn practical Hacking.
Note: Some of the machines of VulnHub, TryHackMe and HackTheBox may need Programming/exploit Development knowledge but you can skip them if you want to. But try your best to solve as many as you can.
Privilege Escalation is a technique tricky to master so i am sharing one of the resources to learn them. This will prepare your privilege escalation skills beyond OSCP:
There are also many tutorials on privilege escalation on YouTube and many articles online which you can read. At end of every CTF you will have to escalate your privileges from user to root. So practice more Ctfs.There are many scripts for it as well but always prefer trying manually.
Now you have a pretty good knowledge and can call yourself as a Penetration Tester/Hacker. Follow the steps further to keep getting better.
THE TIME HAS COME!!….LEARN PYTHON. It might be a bit boring but trust me it’s Very Important. Neural Nice is the best channel to learn python. Read the documentation when you are stuck in python cause it helps a lot.
After learning python, finish a book like BlackHat python or Violent python which will teach you how real hackers leverage python for offensive hacking by writing your scripts and tools so you will no longer be a script kiddie.This will take a long time but will take you to the next level! I Have Completed The Book — Black Hat Python and it is considered a Advanced Book which teaches u to make your own Hacking tools, from scanners to keyloggers. (NOTE:This is not a book for beginners and you need to learn python before reading it). I have also written my own hacking scripts and exploits. You can find all the programs in my github account:
Now you will be having pretty good Knowledge with Python and you can try solving OTW Natas using python.
Now you can do as you wish. Try solving the TJ Null Playlist on youtube which contains OSCP like machines from HTB. Maybe start preparing for OSCP(This is the most demanded and challenging exam in the field of hacking(Penetration Testing).It is the recommended certification to make it easier to enter the industry.
You should learn REVERSE ENGINEERING. Yes its a tough topic but its a really important one and a valuable skill as a penetration tester. Read the book “Secrets of Reverse Engineering” and follow Live overflow on youtube who is a really good in binary exploitation and IOT hacking. Learn topics like Exploit Development OR Malware analysis or IOT hacking or Forensics or Rootkit Analysis. Feel Free to expriment. Maybe Learn web hacking using “web application hackers handbook” and “Portswigger labs” and try doing Bug bounties on platforms like Hackerone, Integriti and bugcrowd. You can also learn Android/IOS Hacking since a lot of apps are made for android and IOS. Some good books for this are- Android Hacker’s Handbook and IOS Hacker’s Handbook.(if it interests you).
Some Amazing Books (These are some of the most famous and best books every hacker has):
Penetration Testing, Hacking the Art of Exploitation, Web Application Hacker’s Handbook, The Hacker’s Playbook 1,2,3
BlackHat Python, Serious Cryptography. Practical Malware Analysis, Secrets of Reverse Engineering
Movies/Series/Shows: Mr. Robot (Show), WhoAmI (Movie), Silicon Valley (Show), DarkNet Diaries (Series)
— — — — — — — — — — — — — — — — — — — — — — — — — — — -
CONCLUSION
If you have come this far, my time and effort has not been wasted. Covering my Complete Journey/the path I followed to learn Hacking. Everything i have learnt will not be possible to cover in a single article. Thank you for reading my article. It took me a lot of time and Hard Work to reach the level of knowledge i have today. Wishing you luck on your Cyber Security journey and i would like to thank everyone in the community that has helped me just like i am helping you today. This was My Journey/Path to cybersecurity/Penetration Tester.
Goodluck for your journey!!