======So, You Want to be a Hacker?====== ===== What is a hacker? ===== The term Hacker was originally coined as a way to describe an individual that experiments with technology. Over the past few decades, the media has subverted this term to have negative connotations. It is possible to reverse this negative connotation with the advent of “ethical hacking”. To most hackers, hacking is not about simply subverting a system to gain some type of advantage or service that would otherwise be inaccessible, or even as a strictly monetary venture. A hacker is one that adapts a certain mindset and cultivates a love for problem solving, learning, creating, and fixing issues. Practically, this will be adapted to computer hardware, software, networks, locks on physical doors, and even people. To put it bluntly, hacking is simply using or manipulating people, places, objects, or ideas in a way that they were not originally intended to be used. ===== What a hacker is not ===== In general, hackers have a natural inquisitiveness about the world around them, and always have the desire to learn new and interesting ideas. Script Kiddies (skids) are individuals who do not want to learn or do any work, but still would like to reap the benefits from the work of others. This can generally be seen when a skid asks for tools that will automatically do the work for them without any base knowledge required, or for someone else to do the work for them. The hacking community has no place for those who are not willing to learn, or at least attempt at understanding why tools work, and the technology that is backing such tools. This is where a lot of skids run into trouble with law enforcement. Not understanding the concept that attempting to break in, modify, steal, or freely distribute services, accounts, and data is illegal and punishable by law. Most skids tend to be mocked for their unwillingness to learn and inability to understand the basics of how the world functions. ===== What You Should Learn First ===== ==== Learn Computer Shell Environments ==== Whether one is working on Windows and wishes to learn DOS/Powershell or one is working on a UNIX-based system and needs to learn the default shell: BASH (Bourne-Again SHell). For Windows this is a list of necessary Command Prompt commands. For BASH: this is a useful list that can be used as a quick reference. For the best of both worlds as far as commands and usage are concerned the Red Team Field Manual is a simple, hard-copy reference book for both DOS and BASH commands. Operating Systems ==== Learn to Program ==== Automation of trivial tasks, design and execution of malware, as well as the construction of exploits can all be accomplished using programming. Programming is one of the most necessary skills, not only for the direct benefits of writing programs, but learning to program will further one's ability to be brought under the hacker's mindset. The top four programming languages that we recommend to start with are Python for scripting, go for it's networking capabilities and c++ for many other situations and lastly C for very low-level programming. While learning a programming language, it is a great idea to be writing programs to help reinforce the concepts as they are learned. Programming Resources ==== Learn Networking ==== Networking is the infrastructure over which all computers and connected devices communicate and exchange data. Knowledge of networking is essential in the cyber security field. Understanding the basics of how the internet functions is an important concept. Some of the basics would involve the OSI model, common ports with their associated protocols, standards, topologies, and common network-based attacks. Networking Resources ==== Learn How Computers Function ==== How does a CPU intake instructions and execute those instructions? The ultimate way to gain an intimate understanding of how a computer works at every level of abstraction is to build one. You should take a look at Nand2Tetris to be able to get a clear example of how these things work together. This task is challenging and will be a lot of work, however the knowledge generated from learning the basics from projects and online tutorials will be incredibly beneficial to one's career. ==== Learn Operating System Design ==== Understand the how the physical hardware interacts with the software in a way that allows all of the world's devices to function. It might also be advisable to check out type 1 and type 2 hypervisors, how they interact with the hardware and how type 2 hypervisors interact with the host OS. ==== Be Aware of News ==== Keeping up with hacking news for the latest exploits and vulnerabilities and technology updates is important for anyone involved with hacking or cyber security. ===== Capture The Flag! ===== Participating in Capture The Flag (or CTF) challenges is one of the best ways to practice and learn hacking by doing it legally. Try the Laptop Hacking Coffee CTF and join the LHC Discord to ask questions. List of CTF challenges ===== Go to Security Conferences or find a local infosec group ===== Security conferences (or cons) are some of the best places to meet other hackers, learn about the latest techniques, see the state of the industry, and participate in CTFs. Check out DEFCON, BlackHat, DerbyCon, Shmoocon, BSides, and many others. Security and Hacking Conferences ===== Resources ===== For a complete list of resources, check our our Resources Wiki Page