How to Become a Hacker? (Beginner Complete Guide)
What you will need:
- Virtual Machines (or physical machines)
- Operating Systems
So, let us begin with the most important part- books. Now, most people here will tell you that you should hack to learn, not learn to hack, but you actually need to do BOTH simultaneously. To do this, you need books/knowledge of what it is you want to do, some form of tutorial or article on how it is done/ideas of where to start, and access to a virtual lab to try out new things.
There are two main software programs to run virtual machines in. One is the open-source VirtualBox and the other is the commercial based VMWare. Either program should be sufficient for basic lab testing. People use both, so you should always find someone you can help you with.
Having your own personal lab to test on is vital. You should not test on real-world machines because they can land you in serious trouble. Always make sure you have permission. The virtual environment will allow you to watch first hand what happens to both sides of the action. Plus, if something goes amiss, you can simply revert and tweak. You should be using Kali Linux (not BackTrack) as your attacking machine in your lab.
You can use intentionally vulnerable VMs such as Metasploitable, Damn Vulnerable Web Application, and Damn Vulnerable Linux. You should also get images for the operating systems below as you’ll have to gain knowledge on a wide spectrum of operating systems if you intend to be a decent penetration tester.
- Server 2003
- Server 2008 (R2)
- Server 2012
- Windows XP
- Windows 7
- Windows 8
- Mac OSX
- Ubuntu Server
You will encounter every single one of these in the wild. You should become familiar with them, read about them, and break them.
You should obtain a firewall as you’ll need something that can block off your test network from the rest of your network. This provides a fairly close setup to what the real world offers. It can let you see what data can bypass the firewall and you can see what happens when someone port scans, requests data, etc. This can also help you practice avoiding intrusion detection systems (IDS).
Two pieces of software that aren’t covered in the Kali book are Currports and Wireshark. Carports can be used to show you your active ports on Windows machines. It will show where your ports are going and pointing to; it will also help you get an idea of what services default to where so you can identify the points of attack. Wireshark is a program that sniffs all network traffic so that you can watch the packets fly back and forth in real-time. Other software is better covered in the Kali book.
Basic configuration for most networks
The firewall will act as the main filter between the target network and the internet. Should this be compromised, the attacker will have full access to the internal network. A second, but less filtered, firewall between the wireless and the internal network can act as another nuisance to help thwart an attacker.
The target network’s public IP address(es) is/are the link(s) between the attacker and the target network. By knowing the address(es), you can begin a port scan. This will show you what services are running on the open ports, what operating systems are running those services, and if there are any vulnerabilities. There are often times multiple public IP addresses associated with a network, so it is advisable to scan a range of IP addresses to find several points of entry.
If you are unsure if the target network’s IP address(es), you can try to ping their domain names (such as mail.companyname.com) to find it/them. Once you have found a domain name, you can run a Nmap scan such as “nmap -vv -sV -Pn -T2 domain.companyname.com” to gather additional information.
Once you have solid information on their network, you can begin to move on to vulnerability scanners such as Nessus, Nexpose, or OpenVAS to find vulnerabilities in the network. They can tell you if a network is vulnerable. They will also provide you more information on how to fix that vulnerability and/or how to exploit that vulnerability if it is possible.
You should always try to learn more and be inquisitive, but be sure to ask questions after you have searched for the knowledge yourself. Aside from this forum and others, there are some IRC chatroom channels that have a lot of bright and friendly people that can help you out. You can also try to network with actual security professionals as they have the best knowledge and real-life experience.