In a previous post, What Color is Your Hat? , we discussed taking a look into the “whys” of wanting to become a hacker. (relax, it’s safe to use that word over here. We get it.) Now we’re going to start addressing the “hows” of becoming a hacker. Hold on. Back up. Let me rephrase that because contrary to what some people may have you believe, no one can really teach you how to be a hacker. Just like no one can really teach you how to be a programmer. Sorry, pal. That’s just not how this works. (Actually, the very essence of the word itself implies a state of action, not being. Vulnerabilities are constantly being discovered with exploits to exploit them equally being developed. So becoming a hacker does not in the least bit imply obtaining a title and then sitting back with a “certification” to confirm it. No, to be a hacker is to be hacking….something. Aha’- but what must we hack? That becomes the question that every single person finds themselves faced with the very second they decide to put on one of those hats. I’ve decided to wear the hat, now what do I hack? (a little poetry anyone.)
If you’re just now deciding to wear one of those hats, you may be thinking to yourself that you’d never mind worry with the “what” and would rather much get back to the “how”. I’ve been there but trust me when I say that your logic is flawed. Here’s why. This “how” that you’re consumed with is not one dimensional. The how that you apply in any engagement that you intend to be successful in is going to be dependent upon the “what”. In other words, there’s no one size fit all hack that you can employ to successfully penetrate a system. Not all systems will suffer from the same vulnerability. As a matter of fact, it will be within your job description to determine whether or not a system is indeed even vulnerable at all. And so forth.
So, since you’ve decided to embark upon this journey of becoming a hacker, I’m going to share another jewel with you that, if you heed my advice early on, will save you tons of headaches, agony, and sleepless nights later. You ready for this? Learn Linux ! This is probably the single most important “technical” jewel that I would impart upon the newcomer to this field. In fact, if I were to do it all over again, I would’ve spent my first 2 years on this step alone. The majority of the tools that you’re going to employ while you’re working your craft will be Linux-based. Speaking of which….
You’ll also want to pick out some tools that you’re going to need. Just like in any other profession, the quality and quantity of your work can be affected by the tools that you have to work with. Hacking is no different. No matter how good of a hacker you become, your skill will be limited by the tools you have at your disposal. There are literally thousands of tools to choose from. As a newcomer this makes choosing a set of tools to use a rather daunting task. I would suggest that being a newcomer you go with the cheapest and preferred choice that the majority of professionals in your field recommends. This way you don’t break the bank while just starting out learning how to use the tools. (Penetration testing tools can be quite expensive). At the time of this post, the preferred choice of tool that a great portion of the Info Sec community endorses is Kali Linux .
Now that you have your tools in place, it’s now time to get to work. In a later post we’ll take a closer look at the “what” to hack question while simultaneously setting about learning “how” to hack. If you’ve followed up on any of the links you probably have a little voice in the back of your head screaming, “WTF”. That’s okay. It’s normal. Just don’t give up. Remember: “The quieter you become, the more you are able to hear”.
