Want to learn hacking?
This is your beginner’s guide. This article explains you 2 strategies:
- If you are interested in computers and technology, go through the entire tutorial step-by-step.
- If you areless technically adept, go to the “Social Engineering” chapter first to get an introduction to non-technical hacking.
Let’s get started!
- 1 Why should I learn hacking?
-
2
In 10 steps from 0 to hacker
- 2.1 #1 Soak up motivation!
- 2.2 #2 First successful attempt
- 2.3 #3 Start with a focus on one thing
- 2.4 #4 Understanding technical basics
- 2.5 #5 Learn the basics
- 2.6 #6 Get to know bug bounty programmes
- 2.7 #7 Switch to Kali-Linux
- 2.8 #8 Manual steps
- 2.9 #9 Automate + Scanning Tools
- 2.10 #10 Keep going every day
- 3 Social engineering – a different approach
- 4 Types – The Motivators
- 5 Further resources
Why should I learn hacking?
Many legal reasons motivate legal “white hats” worldwide to get involved with this topic. I hack because, …
- … you can have a lot of fun.
- … you can trick yourself when you forget your password.
- … you want to build up a second income (or a full-time job).
- … you want to understand computers better.
- … you are using software that has locked you out (database).
- … you want to know the strategies to protect yourself from criminals.
- … you want to do something good for society.
Is hacking illegal?
You are allowed to hack if you penetrate your own systems or support other organizations or persons to close their vulnerabilities(ethical hacking). You need a written declaration with the scope and signature of the other person that you are allowed to hack (provability).
Prohibited are any form of self-enrichment, causing damage, invasion of privacy and data theft (see types of hackers). Pay attention to the paragraphs in the law.
With common sense it should be clear what should be allowed. Hacking is the unconventional and creative activity of investigating computers. The media portrays “hacking” in a one-sided negative way and misunderstands it! You don’t walk through your village with a crowbar and try to pry open windows “to test something”.
Steffen Lippke
Do I need prior knowledge?
No, you do not need any prior knowledge for this guide.
A broad prior knowledge or a degree in IT will help you sort out new topics more quickly. A non-specialist without IT knowledge can try the social engineering strategies in the first step and dive into the IT topics later.
You can work through the tutorial faster if you like working with technology and computers. Beginners will benefit from having stamina, advanced Google skills, reading comprehension and lots of creativity.
My tip: Start without thinking and without preconceptions. Try 1-2 strategies on your own computer.
Steffen Lippke
Do I have to know how to code?
No, coding helps you to understand tools more easily.
Programming is not a must for beginners. For the advanced topics you should learn the basics of a programming language.
You can check out my free beginner tutorials on JavaScript, Python, TypeScript, Java or Laravel (PHP), which you can do without any prior knowledge.
What computer do I need?
You do not need a fast and powerful computer. Windows, Linux and macOS are suitable.
Kali Linux is a suitable OS environment. Most software is “pre-installed” in Kali Linux or is available for free (open source). A few professional tools cost a lot of money, which the well-paid professionals use. The internet provides an open source alternative in most cases.
In 10 steps from 0 to hacker
These 10 steps should introduce you to a new geek world.
Step-by-step!
#1 Soak up motivation!
Some news websites and bloggers report on the interesting approaches that have taken place in the past.
Todo: Read through 3+ inspirational stories. You will surely be surprised how easy hacking is. Using unconventional tricks, pentesters trick companies, cripple computers and wield power over institutions. The stories inspire you to start now and give you an idea of what this super skill can do:
- Capitan Crunch made free domestic and international calls through AT&T by creating a 2,600-hertz tone through a toy whistle (1969).
- The crypto Trojan Conhive generated Bitcoins using the power of computers that visited a Coinhive infected website. This Trojan is a real money printing machine.
- The Morris virus cripples a large part of the UR Internet. 6000 computers fail and the Black Hat has to pay a 10,000 dollar fine for this (1988).
- Kevin Mitnick was able to do most of his hacks with a phone and good persuasion. This is how he penetrated major American telephone companies for fun.
- Criminals steal documents from NASA about Mars mission (2019).
Reading the stories makes me smile at the old mistakes and bugs in software.
The bloggers describe the modus operandi vividly and with the necessary drama because the incidents could have ended more seriously.
Read. Be motivated. Get inspired and start the next step to becoming a professional in this skill.
Steffen Lippke
The stories are meant to motivate you to see hacking as something worth striving for. You will learn about the power through stories that white hats can have on companies and institutions.
#2 First successful attempt
Try beginner tutorials in the second step.
Todo: Hack your own systems. Alternatively, the internet provides public demo systems to give you a first impression of the activity.
- Damn Vulnerable Web Application (DVWA): A test website with many errors and bugs that you can exploit. This is a real playground for white hats.
- Hack the box: Test your skills on real-life servers. How do you become root?
You can acquire the technical knowledge in the next steps. My tutorials are tailored to a specific case. The tutorials guarantee your success if you follow the instructions exactly.
In reality, the pros hack according to the trail-and-error principle and a preceding collection of information.
#3 Start with a focus on one thing
You can start in many different areas.
Top tip: Start with the area that interests you the most.
Steffen Lippke
All areas are closely intertwined. You can reuse what you have already learned in another section. In the beginning, you should not touch on too many topics. Set a focus so that you can achieve initial success.
#4 Understanding technical basics
The following section gives you a broad selection of topics related to the web.
Some of the technical basics will help you understand the software better. You will notice overlaps with other areas such as networking and Android. The list below can be extended with other topics.
Todo: Learn the basics of your focus topic.
You don’t have to learn all the basics at once for your first big hit. The more you know, the more tools you have to successfully penetrate something. For a successful strike, a deeper knowledge of only 1 basic topic is sufficient, so that you can take on an unfamiliar system.
- The Internet: OSI model, routing, packets, frames, Ethernet, IP addresses, TCP, UDP, various protocols such as HTTPs, HTTP, FTP, Telnet, SSH, etc.
- Anonymity on the net: Virtual Private Network (VPN), The Onion Router (TOR), cookies, fingerprinting, WhosIP, backtracing
- Designing a website: Basics of HTML, CSS and JavaScript / TypeScript, JavaScript Trojans, Bitcoin miners
- Web: ports, sessions, tokens, request methods, encryption on the internet, browser engines
- Old and modern databases: database types, transaction, accesses, table, columns, records, SQL, NoSQL
- Legacy andmodern architectures: 3-tier architecture, REST API, Graph-QL, microservices
- Online lectures: Software Architecture, Operating Systems and Networks (Communication Systems) I recommend you
- (optional: a real programming language like Java, Swift from Apple, C-family, Python, Ruby etc….)
#5 Learn the basics
Before you start to take over other people’s systems, you should be aware of the applicable law. With well-intentioned cracking, you can quickly become liable to prosecution if you cross a boundary such as privacy.
Todo: Hack your own systems first. I list below the most important topics that you can delve into step-by-step.
- OWASP Top 10 – the Open Web Application Security Project (OWASP) – wants to make the digital world of tomorrow more secure. The TOP 10 shows you the most common mistakes made by developers.
Understand all 10 vulnerabilities. The probability that you will find a top 10 bug is high.
An efficient geek uses the OWASP Top 10. In 20 % of the search time you will find 80 % of the vulnerabilities (Paetro principle). - Social engineering: If you are not so technically inclined and have a good talent for speaking and acting, try social engineering. The tricks of non-technical hacking will put you on a different path to success. Read the Social Engineering section if you are interested in this topic.
- Bugs in software: Why do bugs in software occur? How do companies prevent the loopholes? How can I detect software bugs? Is there such a thing as bug-free software? Find out about good software and bug bounty programmes.
- Vulnerabilities: Pentesters love vulnerabilities. Without much effort and brains, IT professionals penetrate foreign systems. The Common Vulnerabilities and Exposures (CVE) are software (and hardware) bugs. MITRE should only list the CVEs that organisations can optimally update (patch). The CVSSv3 vector indicates the severity of a vulnerability. 10 is the maximum.
- Procedure: Deal with the essential attacks, methods and procedures such as a buffer overflow, attacks on encryption, reverse engineering or bruteforce. These are the types every White Hat should know.
- Malwaretypes: Malware comes in different forms: (polymorphic) viruses, keyloggers, rootkits, RAT, Trojans, worms and adware. Each type of malware has a different goal. Find out more about malware in my 19 malware types guide.
#6 Get to know bug bounty programmes
To make sure your new hobby doesn’t lose its appeal, you should sign up for a bug bounty programme.
Some tech companies like Microsoft, Apple and other big IT companies give the white hats a nice sum (up to 1,000,000 USD) if they professionally point out the weaknesses to the company.
Steffen Lippke
The website HackerOne offers a platform where small and large companies offer bug bounties. Sign up today for free. I explain how you can earn money with HackerOne in the bug bounty tutorial.
#7 Switch to Kali-Linux
Todo: Install Kali-Linux on a virtual machine, a separate hard disk or partition.
Kali-Linux is a Linux system that comes with many hacking programs right from the start. You can start without searching for the programmes and tearing your hair out with the installation procedures.
Software advice: Focus on how the tools work, how to use them correctly and how to set them up.
Steffen Lippke
- Linux’s basics: Inform yourself about the following topics: the differences to Windows, macOS and other operating systems, advantages and disadvantages of Linux systems, rough structure and function of UNIX.
- Bash basics: Like Windows (CMD, PowerShell), Linux has a console. Sooner or later you will love the freedom of the console. Learn the basics of the console to be able to use many tools more easily.
When penetrating foreign systems, you can rarely use a graphical user interface. With 11 vocabulary (commands) you can perform 80% of the most important actions in the console.
#8 Manual steps
Todo: Start manually
The website “Hack This Site” is suitable as a playground.
The website remains unprotected against the most popular strategies so that new white hats can learn the basics in practice. Start with the following strategies:
- Type an XXS script into an input field and wait for the response.
- Test an SQL injection to bypass a login with password protection.
- Use the default password lists to hijack the admin account.
- Start collecting information about the target (server type, operating system, framework, operator, location, known CVEs) to get an overview of the target.
The following websites offer some tutorial and sandboxes where you can go wild:
- DefendThis: An interactive platform
- Hack.me: Here everything works at the push of a button (without acting illegally)
- Juice-Shop: Test a juice shop website locally on your computer
#9 Automate + Scanning Tools
Know some of the basics mentioned in steps 4 and 5 before reading on. Learn the basics for a particular tool before using a programme.
- How does the tool work?
- What do the manual commands look like in the console?
- What can I do with the programme?
- What are the challenges?
- When and why does this trick work?
The script kiddies skip all the basics, don’t know the legal situation. The parents can be sued (in the very worst case) to imprisonment and the children can be committed to psychiatry.
Here is a list of known tools:
- Burp: Vulnerability scanner and manual web tools
- Nmap (Zenmap): Network scanning tool for network admins
- Nessus: Vulnerability scanner from Tenable
- Wireshark: network capture and packet analysis
- HTTPrint: Detection software for frameworks, servers and co.
- Metasploit: Penetration testing platform with vulnerabilities
- OpenVAS: Open Source Vulnerability Scanner
- SQLmap: SQL injection tester with an automatic feature
- AirCrack: Crack W-LAN or test a W-LAN for security
- … and 29 more top tools
#10 Keep going every day
A good professional never stops learning. Every day the white hat learns new methods, tries out trends and plays around with the terminal console.
The white hat MUST learn new things because knowledge is added every day. Many new vulnerabilities, protection mechanisms and approaches appear on the Internet every day.
Social engineering – a different approach
Social Engineering is based on psychological tricks. The idea of social engineering is to exploit the weak point “human”. You try to manipulate people to get passwords or access.
At the Federal Intelligence Service there are officers who are skilled in such social engineering tricks. They do not try to outsmart high-security computers, but outsmart the people who are authorized for the high-security computers.
Steffen Lippke
I have prepared a few tutorials for you that you can do with Social Engeinnering. You don’t need any previous knowledge, no IT studies and you don’t have to be a technology freak:
With psychological tricks and acting, white hats can get almost any password. Criminals can bypass IT security spears and get confidential information.
Types – The Motivators
Black Hats – Illegal and Criminal
Black Hats are considered the pizza-eating computer zombies. They sit in mum’s basement and tech companies like Amazon, PayPal and Google, steal money and or cause damage. Black Hats work illegally and end up in prison.
White Hats – Legal + Profitable
White Hats like to hack websites, apps and programs. They help companies and individuals find all sorts of errors, vulnerabilities and bugs in your software.
The IT professionals get paid very well for the “service”, so bug bounty programmes have made hackers LEGAL millionaires.
Steffen Lippke
Grey Hats – danger for companies
Grey Hats (un)intentionally publish their found vulnerabilities from known operating systems and software on the net. The Black Hats can exploit the vulnerabilities. Companies need to close the vulnerability quickly to reduce the risk of a black hat hack.
Script Kiddies – Big Mouth and Dangerous
The twelve-year-old Script Kiddies find a tool on the net. The minors attack companies or a private person and deliberately make their victims angry.
The parents are liable for the damage caused by their child.
Penetration Tester – Red Team
If you’re looking for a meaningful job with a good salary, work in corporate IT security. Alternatively, earn your money as a freelancer with bug bounties.
Cybersecurity Analyst – Blue Team
The IT security analysts (Protection = Blue Team) protect your systems against the attacks of the group (Attack = Red Team). In the competitions, the Blue Team protects a server with demo data from the Red Team. Red try to penetrate the system unnoticed.
This guide should motivate you to become a White Hat, Professional or Blue Team / Red Team – Grey Hats, Black Hats and Script Kiddies are criminals sitting at the computer.
Steffen Lippke
Further resources
- Wiki-How – general overview of the topic for beginners good start, but very superficial
- Fareed’s guide – goes into more depth and explains some terms
- Quora Questions with many answers – some experts give a good overview
- CCC How to – culture introduced with a social component
- OWASP’s pentesting guide – go through it
- OWASP Top 10 – A must read
- TutorialsPoint – A compilation of attack types