Hey guys, I’m very bad at hacking. Does anyone have tips or tricks on how to get into hacking? I’m looking for new ways to learn, so if you know any place or site I could go to, please let me know.
Thanks
(If anyone would be willing to teach me anything, I would be extremely happy)
Over the wire, vulnhub, youtube (the cyber mentor, hackersploit…) build your Own lab, be aktive on the Forum, try retired machines on htb, read write ups, this List could be endless.
Setup a basic CommandoVM (optional; CommandoVM can make things easier when attacking windows)
Watch all Technique videos from IPPSEC on youtube.
Then watch two or three walkthroughs of HTB boxes by IPPSEC. (This is so you have some ideas on what to start with on your first box)
Loop:
a. Choose the easiest Box you haven’t pwned yet.
b. Try your best, fail, cry.
c. Pick yourself up, do some research. (This Forum is full of hints, Google is always your friend, https://ippsec.rocks has a search for ippsecs videos by timestamp, very useful for finding the right video to watch)
d. Crack the box and enjoy the rush pwning a system gives you.
e. Make notes on how you did it, what techniques you used and what commands/tools helped.
It’s a long process, but for me it was the most effective. That way you slowly build up knowledge and tools.
Also don’t be afraid to ask on this forum about the box you are currently attacking (spoiler free of course). If you get really really stuck maybe ask for someone to PM you or scour the forums for people who already cracked it and offered help via PM.
Especially in the beginning don’t go like “Oh, if I get help I haven’t earned the box.”. Look at it in this way: Even if you haven’t “earned” this box, you still have learned a lot that will help you do the next box with less and less help. No shame in getting help!
That being said, I studied computer science and was already versed in Linux before starting this. So depending on your current knowledge you might want to read up on a bit of Networking basics (TCP/IP in particular and a bit of UDP) and get to know Linux and your way around the command line. If you want to attack windows, you should also know how to use the command line and powershell (not necessarily writing scripts, but using the cli at least) and some things about administration of windows via registry, the net command and its siblings.
PS: Studying CS is by no means mandatory! Just be curious, ask the right questions and do your research and you’ll get there.
In addition to the good answers above, I’ve recently started a youtube channel to try help explain things for beginners or people who just want to understand how stuff actually works. Mainly focusing on various Windows related attacks and also covering all of the HTB boxes I complete. Here’s one of my videos for people who are new to AD specifically:
@targodan Thanks so much! You guys are a big help. I was searching the web for hours to find a proper guide on how to get started but your comment is like 10 times better than anything I’ve found.
I can highly recommend the “Practical Ethical Hacking - The Complete Course” course of The Cyber Mentor on Udemy. It really helped starting out. I think it’s on sale today (and if it isn’t, just wait some time, they have regular sales at Udemy). For the sale price, I think it is absolutely worth the money to get a structured course where you don’t have to hunt for all the videos on YouTube and such (even though most of the content is probably available there as well). The full price is a bit much, though…
Setup a basic CommandoVM (optional; CommandoVM can make things easier when attacking windows)
Watch all Technique videos from IPPSEC on youtube.
Then watch two or three walkthroughs of HTB boxes by IPPSEC. (This is so you have some ideas on what to start with on your first box)
Loop:
a. Choose the easiest Box you haven’t pwned yet.
b. Try your best, fail, cry.
c. Pick yourself up, do some research. (This Forum is full of hints, Google is always your friend, https://ippsec.rocks has a search for ippsecs videos by timestamp, very useful for finding the right video to watch)
d. Crack the box and enjoy the rush pwning a system gives you.
e. Make notes on how you did it, what techniques you used and what commands/tools helped.
It’s a long process, but for me it was the most effective. That way you slowly build up knowledge and tools.
Also don’t be afraid to ask on this forum about the box you are currently attacking (spoiler free of course). If you get really really stuck maybe ask for someone to PM you or scour the forums for people who already cracked it and offered help via PM.
Especially in the beginning don’t go like “Oh, if I get help I haven’t earned the box.”. Look at it in this way: Even if you haven’t “earned” this box, you still have learned a lot that will help you do the next box with less and less help. No shame in getting help!
That being said, I studied computer science and was already versed in Linux before starting this. So depending on your current knowledge you might want to read up on a bit of Networking basics (TCP/IP in particular and a bit of UDP) and get to know Linux and your way around the command line. If you want to attack windows, you should also know how to use the command line and powershell (not necessarily writing scripts, but using the cli at least) and some things about administration of windows via registry, the net command and its siblings.
PS: Studying CS is by no means mandatory! Just be curious, ask the right questions and do your research and you’ll get there.
Thanks @targodan for sharing your experience…
It’s very helpful for me to get started.
Setup a basic CommandoVM (optional; CommandoVM can make things easier when attacking windows)
Watch all Technique videos from IPPSEC on youtube.
Then watch two or three walkthroughs of HTB boxes by IPPSEC. (This is so you have some ideas on what to start with on your first box)
Loop:
a. Choose the easiest Box you haven’t pwned yet.
b. Try your best, fail, cry.
c. Pick yourself up, do some research. (This Forum is full of hints, Google is always your friend, https://ippsec.rocks has a search for ippsecs videos by timestamp, very useful for finding the right video to watch)
d. Crack the box and enjoy the rush pwning a system gives you.
e. Make notes on how you did it, what techniques you used and what commands/tools helped.
It’s a long process, but for me it was the most effective. That way you slowly build up knowledge and tools.
Also don’t be afraid to ask on this forum about the box you are currently attacking (spoiler free of course). If you get really really stuck maybe ask for someone to PM you or scour the forums for people who already cracked it and offered help via PM.
Especially in the beginning don’t go like “Oh, if I get help I haven’t earned the box.”. Look at it in this way: Even if you haven’t “earned” this box, you still have learned a lot that will help you do the next box with less and less help. No shame in getting help!
That being said, I studied computer science and was already versed in Linux before starting this. So depending on your current knowledge you might want to read up on a bit of Networking basics (TCP/IP in particular and a bit of UDP) and get to know Linux and your way around the command line. If you want to attack windows, you should also know how to use the command line and powershell (not necessarily writing scripts, but using the cli at least) and some things about administration of windows via registry, the net command and its siblings.
PS: Studying CS is by no means mandatory! Just be curious, ask the right questions and do your research and you’ll get there.
I absolutely adore your answer man, what a beautiful answer!