Many of the questions I see in r/howtohack or any computer security forum often are flooded with questions from beginners wondering how to get started in hacking. I hate to be the bearer of bad news but its going to be a lot of work.

Lets discuss some of the major reasons why learning hacking is so difficult and along the way we can dissect how to overcome these obstacles.

1) You don’t know where to start. Hacking is such a broad term with so many different definitions that you don’t know where to start.

  • Solution: Pick a goal or a technology to learn and work towards it. For example, if you are interested in learning to pentest websites you may want to begin with learning web technologies. Javascript, HTML, CSS, mySQL, PHP, HTTP, TLS/SSL, DNS, and webserver architectures are good places to start.

2) Hacking is hard :(. You have to spend a lot of time learning and that sucks because you just want to be l33t.

  • Solution: Identify what is important to you and grow the fortitude to accept nothing in this world comes for free. Knowing how something works is having power over that thing, and it takes years of experience and practice. Take solace in the fact that this knowledge was not gained overnight by the best in the business, they just have been at it longer than you and never quit.

3) I can’t find anyone to teach me, or ask questions to, or help when I get stuck.

  • Solution: If you’re here you know that simply isn’t true. I think most people will find that human beings in general have an inherent want to help. Its what makes social engineeringa legitimate and very viable skill. Contact any of us using our information on the About page and we will be happy to help. We only request that you have TRIED and researched a little before asking.

4) I can’t get any experience anywhere because I’m scared of getting caught!

  • Solution: I’ve never once hacked anything illegally. The other day a co-worker of mine told me that a little crypto puzzle he was working on took him a few hours to figure out while it took me about ten minutes. It wasn’t because I’m smarter than him (I’m definitely not), its because I had seen that exact same type of crypto during a Cyber Capture The Flag a few weeks previously. Experience in this field is worth its weight in gold. Being able to pick out a piece of data that is recognizable or out of place is often the key to the kingdom. CTF’s are often free to enter, and many CTF’s are accessible even after the public event is over. I recommend that everyone start with the OvertheWire Bandit series, it starts you off slow and ramps you up.

5) I got no money to buy a badass super computer to hax with!!!!

  • Solution: You could practice all your CTF’s with any computer laying around. The ONLY caveat to that is if you’re using your CPU or GPU for heavy processing, such as cracking hashes or passwords. Other than that any computer that can run Kali will be fine. If you have a little extra ram you could always run a virtual machine to set up a little hack lab.

My main point through all of this is that excuses are just that, excuses. There are loads of free, easily accessible tutorials, guides and videos to help develop the fledgeling hacker all you need to do is get out there and take it. The barrier to entry is pretty low but you do just need a computer, some guts and dedication to get anywhere in this field.

Categories: bloghackingsecurity