I would like to know how to practice and learn about the different hacking techniques and methods actually exists. How to start from the basics and reach the higher levels of the topic.
Books, Webpages, Videos, Images, Advices, etc. All the resources you can share for a beginner to become a profesional in the job. Before hand I’ve thank you for the time you’ve take to read this topic.
My best advice is start learning about how networking, programming (memory is important too) and web applications work, as understanding any hacking techniques is truly rooted in the understanding of the basic concepts and structure of computers.
Also stay creative.
I’ve been studying about programming and networking so far since thats my degree about, I’ve recentlly started my journey trough the HTB academy so I can use the VM to start practicing cause Im in blank. I’d would like to ask if you know of any source of material I can use to understand better the pentesting and improve my skills a lil more!
If you have programming and networking background you already have some progress!
I can personally recommend you to start with reading books like “The Web Application Hacker’s Handbook” (by Dafydd Stuttard & Marcus Pinto) or “The Hacker Playbook - Practical Guide to Pentesting” (by Peter Kim), as those are the two books I personally started with. Those are my personal preferences but it is very important that you also stay curious and do your own research!
As a general rule of thumb, you should probably also read as much as possible about exploits or vulnerabilities recently discovered. This can improve your researching skills and give you some ideas, both are crucial for pen-testing.
It’s very recommended you have a variety of programming languages in your arsenal of programming, as it makes you a more versatile researcher.
If you don’t have any background in memory and/or memory exploitation, I can recommend LiveOverflow (Youtube) who has an indepth guide to binary exploits. It is also recommended to learn Assembly as it gives you a general idea of how computers think on the CPU level, and maybe a bit of C or C++.
Focus on concepts rather than methods, as the concepts are the thing that builds your thinking process better so that you can correctly approach different problems. It’s better to know concepts so that you can code your own stuff, than to remember lines of code someone else wrote.
CTFs are a very good place to start practically, and I personally started practicing the theory I learned by doing 2-3 retired boxes while following Ippsec (Youtube), who is a very famous member of this site. He has very in-depth videos which can really help you get some insights.
Nevertheless, never ever go on to online solutions or references when you decide to work on a live problem! That is a very bad habit to develop. Remember that no-one is worth comparing yourself to, except for the person you saw in the mirror yesterday. In the end, even if you have a lot of hacked boxes on this site but you cheated your way while doing so, you only developed a bad habit and cheated yourself. Hard work always pays off.
Best tip I can give you is to stay curious and creative, and never stop researching
Hope this helps you on your journey!
