(1/?) How to become an ethical hacker, without spending a dollar. A short novel:
If you're new to the field of ethical hacking, you must first understand that you need a good set of foundational skills. These include understanding Linux, Networking, and a language like Python.
(2/?) On top of a technical foundation, you'll likely need to be well rounded in other areas. You should be well-written, as we write tons of reports. You should be personable and able to talk in front of people. Note: you don't have to be an extrovert. Many of us fake this :)
(3/?) With that out of the way, let's talk the foundations:
Linux:
OverTheWire's wargames, such as Bandit (http://overthewire.org/wargames/bandit/), and Linux Journey (https://linuxjourney.com/) are a great place to start. Self plug, I have a Linux for Hackers course too
(4/?) Python can be learned from resources like CodeCademy (https://www.codecademy.com/), edX (https://www.edx.org/learn/python), Learn Python the Hard Way (https://learnpythonthehardway.org/book/), Google (https://developers.google.com/edu/python/), and so much more. Honestly, just Google it and focus on Python3 as 2 is EOL
(5/?) For networking, I would consider starting with Professor Messer's Network+ course (https://www.professormesser.com/network-plus/n10-007/n10-007-training-course/). You can expand upon this and learn Cisco related command line by using tools like Packet Tracer (https://www.netacad.com/courses/packet-tracer) and taking netacad courses from that link
(6/?) On to the hacking. Again, you need a good foundation to start. I'm going to be biased here and recommend my 15 hour course on network pentesting to start with your foundations: . This will brush up on Linux, Python, and guide you slowly through it.
(7/?) Once you're understanding the foundations, it's best to get some practice in. By practice, I mean attack known vulnerable machines and try to exploit them. We call this capture the flag (CTF)
hackthebox - https://www.hackthebox.eu/
vulnhub - https://www.vulnhub.com/
(8/?) Additionally, you might want to participate in CTFs for fun and learning. A great website to find out about upcoming CTFs is CTF Time (https://ctftime.org/). For hackthebox, start with easy rated boxes. For vulnhub, try working this list: https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms
(9/?) An important part of hacking is learning from others. If you're doing hackthebox, try to learn from a team. There are some great channels out there, including:
NetSecFocus: https://mm.netsecfocus.com/
TCL: https://discord.gg/Fs76d4Y
My Discord: https://discord.gg/REfpPJB
(10/?) Once you're getting comfortable, it's time to start rounding yourself out. To be a good pentester, your skillset should include basic hacking methodology, active directory exploitation, web application pentesting, and wireless pentesting...amongst other things
(11/?) Let's start with Active Directory.
Try to understand the common attacks that exist out there (https://medium.com/@adam.toscher/top-5-ways-i-gained-access-to-your-corporate-wireless-network-lo0tbo0ty-karma-edition-f72e7995aef2). If you did the 15 hour course from post #6, you were introduced to these. Build your own lab & try to recreate attacks. There are also people to follow
(12/?) Some of the great content creators for AD pentesting include:
@PyroTek3 - https://adsecurity.org/
@harmj0y - https://blog.harmj0y.net/
@_dirkjan - https://dirkjanm.io/
@Haus3c - https://hausec.com/
Do your research and you'll find plenty more.
(13/?) For web apps, there are an insane # of resources. First, content creators:
@NahamSec - https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw
@stokfredrik - https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
@TomNomNom - https://www.twitch.tv/tomnomnomuk
Not all inclusive (sorry if I missed you). These should keep you busy for a while.
(14/?) There are also tons of free training sites:
@PortSwigger Academy - https://portswigger.net/web-security
@Hacker0x01 101 - https://www.hackerone.com/hacker101
@Bugcrowd University - https://www.bugcrowd.com/hackers/bugcrowd-university/
Again, just a start, but should keep you busy.
(15/?) Once you start to get the basics down, it's best to explore public bug bounty programs and try to enumerate and attack. You might not find anything right away, but you can focus methodology. Those include @Hacker0x01, @Bugcrowd, @intigriti, @SynackRedTeam, and others.
(16/?) Familiarize yourself with web application testing methodologies as well via @owasp. Treat this guide (https://github.com/tanprathan/OWASP-Testing-Checklist) and the corresponding PDF (https://www.owasp.org/images/1/19/OTGv4.pdf) as your bible.
Read write-ups, such as https://hackerone.com/hacktivity, @disclosedh1, @PentesterLand
(17/?) Lastly, learn wireless pentesting. WPA2 personal is pretty straightforward and can be learned via a blog post (https://www.aircrack-ng.org/doku.php?id=cracking_wpa).
WPA2 enterprise can be a little trickier, but again, some blog posts to the rescue:
https://n0where.net/targeted-wpa2-enterprise-evil-twin-attacks-eaphammer
https://teckk2.github.io/wifi%20pentesting/2018/08/09/Cracking-WPA-WPA2-Enterprise.html
(18/?) Now, this list is not all-inclusive, but a good start. You can learn all of this stuff for free and not spend tons of money on college/certifications, especially if you lack the means to do so.
Also, you're welcome to post the resources that helped you w/ these topics.
(19/?) TCM out.