Want to learn how to hack?
I’m a cyber security professional and these are 10 simple that anyone can follow to start their hacking journey!
1. Get a computer
It doesn’t have to be expensive, but should have enough RAM to run virtual machines. I use a MacBook Pro with 32Gb of RAM, but if you don’t know what you need, you can search DuckDuckGo for “laptop for hacking”.
2. Get a hypervisor
A hypervisor is a piece of software that allows you to run a computer within a computer (also known as a virtual machine or VM). There are solutions from @VMware (Fusion/Workstation) and @virtualbox that are great.
3. Download Kali Linux
@kalilinux is free, actively maintained, and a great starting point. Make sure you get the version that works on your hypervisor. If you’re stuck on the setup process, search for it on @YouTube.
4. Setup Kali
Get Kali working on your hypervisor. If you have difficulty with the internet connection, check the Kali documentation. Pay attention to the network settings in your hypervisor software (look out for words like: bridged, NAT, auto-detect).
5. Gain knowledge
All you lack now is knowledge. You have all of the basic equipment that I, and many others, use on a daily basis. There are a load of websites, YouTube channels, and books to choose from. Get ready to be busy organising your bookmarks and command snippets. I recommend @GitBookIO.
6. Get a hold of this book
@georgiaweidman really nailed this book. It will ease you into how penetration testing/hacking works and is worth every penny!
7. Setup Metasploitable
Metasploitable is an intentionally vulnerable computer made by @rapid7. You set it up alongside the Kali VM and then attack it. There are plenty of videos on YouTube to show you how to achieve both. Handy for offline practice.
8. Explore VulnHub
If you’ve exhausted Metasploitable, you’ll have learnt a lot. @VulnHub hosts vulnerable computers, like Metasploitable. They have tutorials that teach you how to hack each machine. You have to download them to attack them. All for free.
9. Join Hack the Box
@hackthebox_eu might be my single favourite training environment. Free and paid. They even have a cloud hosted VM so you can hack from within your web browser (bye bye hypervisor). Amazing tutorials from @ippsec and a great community.
10. Test your knowledge
There’s a whole bunch of certifications you can take to prove your knowledge. @eLearnSecurity has the eJPT, @offsectraining has the highly coveted OSCP, and @SANSInstitute has GPEN, but there are many more!
Stick at it!
If you execute against even half of that, you’ll know a lot more than you did before and have a better appreciation for all things cyber.
Best of luck in your journey!
VHJ5IEhhcmRlcg==
If you’d like more advice, don’t hesitate to DM me on Twitter
Read this post and more on my Typeshare Social Blog
