This is how you can start your hacking journey

Ansari

Ansari

Category : Hacking

Time to read : 7 mins

This is what comes up in mind for most people when you refer hacking

Couple of months back I wrote a article and made a video named hacking my neighbor’s wifi. After watching that video many came up with questions like

  • “How can i study hacking legitimately”,
  • “what are the tools should I learn for hacking” ,
  • “I don’t have any idea about hacking but am so interested in it.Where should I start my hacking journey”

For all those people and also for people who wanted to learn hacking properly and wanted to use it in ethical way this article is for you people and if you want to watch the video you can look it up here

If you’re new to hacking, then forget everything that you watched in movie or in series related to hacking. I’m telling this because those scenes which are shown in movies will never be like as of in real world.

I hope there is no need to explain what is hacking.But the thing is Hackers are not only bad people. There are also many good hackers among these bad ones. Hackers are majorly classified into 2

  • Black hat hackers

  • White hat hackers or ethical hackers

Both will have the same skill set, same techniques, same knowledge Except one thing which is Permission. White hat hackers do things which are done by black hat hackers with concerns company/org permission.

But why a company should hire a white hat hacker and ask them to hack their company with all permissions ?

It is to check the companies security, they hire a ethical hacker then gives permissions to hack and also pays for the hack. So ethical hackers test the company completely fixes the vulnerabilities or inform the company to fix it. Basically this what ethical hackers do.

Now lets see what are the basic requirements

For every job you need certain skill/requirements to get hired. For instance if you want to become a frontend developer you need to know HTML,CSS, JavaScript etc.. these things are basic requirements for web developer. Like that ethical hacking also have some basic requirements.

  1. Basic networking and programming:

This is because like i said before there are various category hackers among them one of the worst is script kiddie. They only know to use the tool which was already made by an hacker, they don’t know how it works and what is going behind the tools. To be an ethical hacker you should know all in and outs of the tool and you should be able to create the tool

Don’t be a script kiddie

Learn the fundamentals and basic layouts of networking and how they work. Then learn a programming language python would be preferred as it is easy to learn , integrate and work with networks/hacking too. And you don’t need to learn those Data Structures. Learn the basic flow of the programming languages and how to use those and to write small scripts you can learn BASH and it also easy to catch up.

To be a professional ethical hacker there are lot of course and certificates. Among that most common one is Certified Ethical Hacker (CEH). For this course need to go to eccouncil.org and signup there. They provide the required training too, so after completing the training and clearing the exam you will get the certificate. With that set you can go and fetch for jobs and this certificate is little expensive.So if you’re serious about hacking and want to land on professional job go ahead get the certificate and get hired.

People who want to land on job, go choose course like CEH and land on the job.But I didn’t went that way.

I’m not interested in getting the training, clearing the exam, getting the certs and landing on job.

What am interested in is I want to participate in CTF conducted by DEFCON, Google etc. So for that I need to know and learn hacking,that's the reason why I studied hacking

A small explanation for people who don’t know what is CTF CTF stands for Capture The Flag. It is actually game particularly for people who are in security side like hackers,pentesters and sometimes developers too. CTF is of two type — Jeopardy CTF and Attack & Defense

First lets see what jeopardy CTF is,this is consider to typical CTF. Here certain problems will be given and you have to solve it.Nope this is not Maths problem. These problems are more like puzzles related to computer side. Let me show an example of it

Format of Jeopardy CTF will look like this , Starting with problem’s title followed by the problem’s category tag and a short description about the problem,followed by a file or code like given above.Since this comes under cryptography tag a encrypted file will be given we need to decrypt it and by reading the description. We get to know that this code might be encrypted by ROT13 Algorithm. So by decrypting it, we might be able to find the flag

Expansion of ROT13 is Rotate by 13 places. Its an substitution cipher method. So ROT13 is just replacing the character by the next 13th character

for example N for A, O for B etc

This is how it will be encrypted.By decoding the given code, Mostly we will be able to capture the flag.There is tool in online for decoding ROT13.

The decoded one was known to be the flag.Most CTF Flags format would look like this. There are various categories in this Jeopardy CTF. Sometimes you may need to hack a website or sometimes you need get remote access of server and capture the flag from there,sometimes this game might go so difficult to crack. By playing this continuously your hacking skill gets improved.

Next one is Attack & Defense

Compare to Jeopardy, this game puts a huge pressure on you. You need to tackle the pressure and hack. Attack and defense games will be like, lets consider four teams, Team 1 2 3 4

Each team gets their own server. Basically you should protect yours and attack others. Before someone finds a vulnerability in your server,you need to find and fix it before them. At the same time you should find a vulnerability in others server and enter into there server and get the flag. Based on that you will be rewarded points.

So if you’re a hobbyist like me and want to learn hacking. There are number of sites like these.

  1. Hack the box

  2. Try hack me

  3. PicoCTF

In all these platform, they teach you and provide Lab to hack. So you get to know every way of hacking and you will learn what are the things in hacking.

Ok I hope everyone understood the hacking roadmap and I’ve made small CTF game try to find the flag. Before that consider following me for more such articles. 👇🏻

CTF 🏁 Challenge Title: Get aHEAD Description: look the title for clue URL: https://amsorry-ctf.vercel.app/

Watch the video here

Love this article? 🤍Check out what else I write about