Often times on the /r/howtohack subreddit you’ll find a post that’s similar to “I want to be a hacker, how do I start?”. My problem with a question like this is its so open ended. Its not precise enough, its not focused. One of the most popular “How to be a hacker” posts defines the term as “most having to do with technical adeptness and a delight in solving problems and overcoming limits”. Most people who have this innate problem solving personality would have already scoured the internet but the sheer level of information out there today is mind boggling. Where do you even start?
That’s what I did, I searched until my eyes bled, Googling my way through trash tutorial after another and marveling in how much information there was. For me, the problem was there was too much of it and I had no idea where to begin. I bounced from project to project which gave me no real results. I found my way through formal education and job experience and I hope to relay some of that structure here with the Roadmap.
Find something you’re interested in solving and figure out how to defeat the problem. I find that most newbies have problems with figuring out what they want to do. So I’ll break some of it down a little bit.
You’re going to need to know how the internet and networking works. TCP/IP protocols, OSI model, routers & switches are some examples. Why? Because this is the foundation for how things communicate and if you can understand how to decode the bits and bytes that traverse a piece of CAT5 cable you can use it to your advantage. You need to fully grasp WHAT happens when you launch your exploit through the intertubez.
Malware? Viruses? Worms? You’re going to need to learn programming. I recommend learning C and Assembly simply because that’s how I learned it and I saw its value in learning it that way. I personally reccomend learning through the book Hacking: The Art of Exploitation, 2nd Edition it’s beginner enough to just give you a peek down the rabbit hole but challenging enough to not give it away.
Tool development? Scanning networks, enumeration, task repetition? I recommend python and I recommend the book Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers. Python is a robust language that has TONS of resources to learn. Its easy to pick up, it reads very easily to a human and its powerful.
Encryption? Cryptography. I’m not the best at crazy mathematics and I have no interest in it but if you’re interested in it you’re going to have to dig deep into your math brain.
Webpage Exploitation? Getting past that login prompt? Learning PHP, MySQL and other popular webpage back end languages are where I would recommend you begin.
Social Engineering? Getting people do do what you want them to do, open files, send you information.
Wireless Hacking? You’re going to need networking, and some encryption & cryptography. You could use social engineering. Hacking is about using all of these specialties to gain a desired effect. So when asking questions be more specific. Instead of saying “I want to learn everything there is about hacking”, say something like “I’m really interested in networking security, packet encapsulation/obfuscation and I’m trying XYZ. Can anyone help?” You’re more than likely going to get a BETTER answer.
This list is non-inclusive. There are many other fields out there and within those fields sub fields. I’ve tried to cover the main areas where I see most questions starting from. If you feel I’ve missed one or would like a write up on a specific topic please feel free to send me an email at hackmethod15 at gmail dot com or leave a comment below.