Disclaimer: This post is for research and educational purposes only. I do not take any responsibility, in regards to the actions taken by readers of this article. Never attempt to hack a device for which you do not have the required permissions to do so.
Its quite simple actually, wear a black hoodie, type really really fast on a terminal and then exclaim “IM IN!”, and lets not forget about the “glowy” keyboards.
Okay never mind its actually not that simple, well it can be, but it all depends you.
The thing is, its not what the movies show you. You can’t hack into someones computer in 5 seconds. It just doesn’t work like that. Ethical hacking is all about being creative, being consistent and having willingness to learn. The journey of becoming a hacker never stops.
To become a really good hacker, you will need to learn every single day for the rest of your life. Each day, new tech is developed, new software’s come out, new applications are launched, and of course with that new vulnerabilities come in every single day, all of them waiting to be exploited by a cyber criminal.
Hackers not only break things, they build things as well.
Anyone can become a hacker as long as they are hungry for knowledge. You don’t need to be Male or have a Computer Science background or any kind of technical background. Everyone is welcomed in this field. If you have no experience don’t worry. We all had to start somewhere, and we all needed help to get where we are today. I literally created this website to help anyone who wants to start learning and needs some guidance, because at the end of the day i cannot hold your hand, you have to learn to think on your own and create your own journey.
It helps to have basic computing skills
That seems to be a good amount of motivation of everyone. I hope i convinced you to stay and learn. So lets get started.
Let me tell you what hacking really is in the real world.
Hacking is identifying vulnerabilities of a system and then exploiting those vulnerabilities. Now the real question is, How do we do this?
The Hacking Methodology
Imagine that you need to break into someones house (please don’t ever do that), steal their money and make sure that you can keep doing so in the future. Yes, i know its not a very ethical example, but lets just continue.
The first thing you should do is gather some information on the house. How big is the house? How many doors are there? How many windows are there? When is the house empty? Things like that.
It is vital to know your target system. if you don’t even know what that system is, then how will you even attempt to hack it?
In this approach every component of the target system and every bit of knowledge is collected and stored. You may never know how important this information can be. There are a few examples out there, where in the reconnaissance process a relatively small piece of data was obtained and later became a crucial element for successfully developing an exploit and gaining access to the system.
There are two types recon in cyber security Passive and Active:
Passive recon is when you’re not communicating with the target. This is accomplished through web page inspection, Google exploration, information research of social media profiles and much more. In particular, you try to catch for any data to hold against the target that can be applied. This is the only not forbidden phase. Anything that goes beyond this phase could be treated as a crime if you ignore the word ethical.
Active recon is the stage where you are investigating your target. It involves the direct communication with the target. This includes scanning your target using various tools. Note that you should always mask or spoof yourself before doing anything.
2) Vulnerability Analysis
Okay now that we have gathered some information on our target house. We need to use that information and find at least one weak point. So, we look at the windows and doors. Lets start with the door, we notice that it has a lock (like duh), but looking carefully we find out that its a really old lock, so we maybe able to do something about it.
A zero-day vulnerability is a security flaw that is known to the vendor but doesn’t have a patch in place to fix the flaw. It has the potential to be exploited by cyber criminals.Norton
A vulnerability evaluation is the process of pinpointing, identifying, categorizing and prioritizing vulnerabilities in computer systems, applications and network infrastructure, and providing the entity with the necessary knowledge, awareness and risk background to understand and respond appropriately to the threats to their setting.
Now that we know the weak point of the house, we need to use that weakness to our advantage. Since its a really old lock, we could either use a hammer to break it or use a hairpin to open up the lock. You should go with the latter because the first one would raise a lot of suspicion. Anyways, we use the hairpin and now we are in. YAY!
Always be stealthy while hacking into a system.
Basically, exploitation is the method of gaining authority over a system. An exploit is a block of code, a chunk of data, or a sequence of commands that takes advantage of a vulnerability in an application or a system to cause unintended behavior.
4) Post Exploitation and Maintaining Access
Now that we are in, we need to complete our primary goal to steal the money, once we do so, we need to make sure that we keep doing so in the future. So you find the spare keys inside the house and ask a locksmith to make a copy for us. Once that’s done, you now have access to the house aka a backdoor. You can go in and out as you please. We could take things even more further and place our own lock. Something like that would be called privilege escalation.
And that my friends is how you become a hacker. Every hack requires you to follow these steps. You will understand more once we get into actual ethical hacking. But before that we must solidify our basics on OS, networking and a few other concepts. I will keep uploading them in this beginner guide every week. So stay tuned.