RatSec

RatSec Blog

  1. Home
    2. »
  2. hacking
    3. » How to become an amazing hacker - in 10 years or less

How to become an amazing hacker - in 10 years or less

- Posted in hacking by

enter image description here

Introduction Yesterday i wrote the story of how i became an amazing hacker but i realise not everyone is the same or learns in the same way which is why i wanted to write an extremely detailed guide so that i could reach the broadest possible audience.

I decided to divide the topics into different level of experience. This seems like the best way to do it so that you can easily pick a starting point.

With all of this information i have to stress that the very first thing anyone should learn when they want to get into hacking is how to be ethical while doing it. Being an ethical hacker is what we are striving for here and not being a scammer or to use these techniques for bad. You are fully responsible for your own actions and you might face legal action if you use these techniques on hardware you do not own yourself or if you do not have permission to hack a system.

Absolute zero It's hard to describe this level because i don't think anyone starts from this level. Usually we all have a small bit of experience at the very least since most of us know how to turn on a computer and open a website. Otherwise i am quite sure you would not be reading this. That is why i am going to assume that you at the very least have a basic understanding of how computers work.

It is important to figure out exactly how they work though and not just on a basic level. You really need to investigate every single option of your computer including the command prompt. Make no mistake though, everyone will mess up at some point when they are learning and they will have to format their computers but that just part of the learning experience. For this reason i would recommend the first thing you learn is "How you format a computer".

Most of you will be starting out with windows and that's a good start for sure. Windows is what's known as an operating system and it's certainly not the only one.

For people who want to get to know their own computer to the core i recommend starting out with the following topics:

  • Hard disks vs RAM memory
  • What is an operating system?
  • Which operating systems are out there?
  • The command prompt
  • Defragmenting your computer
  • Setting up more than one user on a computer
  • The difference between admin users and normal users
  • Screen resolutions and sizes
  • How to connect different devices with different protocols such as a USB printer, a bluetooth mouse or a wireless network
  • Connecting to a network via cable and wifi
  • Different types of wifi passwords
  • VPNs and Proxy's
  • Setting startup apps
  • Learn about the different versions of windows
  • Learn about the history of windows up from windows XP. This will be useful because a lot of server still run on XP.
  • Gaming, yes the fun part! This is important because it teaches you about savegames and installing or repairing an installation
  • The BIOS
  • The command line
  • The windows registry
  • Defragmenting your HDD
  • The Master Boot Record
  • How applications and data are stored on your HDD and what happens if you remove a program to the bits
  • Hardware drivers + how to find the correct driver (Can be VERY tough)
  • 32 vs 64 bit windows
  • Installing Linux on a USB stick and starting from there with persistent storage
  • Installing Linux in dual boot

After that we all need to know the basics very well before we decide to even remotely think about hacking. I recommend you start with exploring your computer and it's settings and if you mess it up bad enough, just format it and try again. The best way to get to know something is to fix it up in my opinion so after you get to know your own computer, you might want to consider repairing other people's computers and maybe even making some cash in the process.

  • Formatting a computer
  • Repairing the Master Boot Record
  • Removing a virus by booting from CD or USB
  • Restoring a system restore point
  • Making a slow PC fast (This is a very tough one)
  • Debugging hardware issues by replacing one component at a time
  • Fixing hardware issues and building computers
  • SATA vs IDE
  • Cleaning the inside of a computer/laptop
  • Replacing the screen on a laptop
  • Replacing the screen on a phone
  • Replacing the battery on a phone

It may seem like this list contains some silly topics like "Replacing the screen on a phone" which might leave you wondering how the could contribute to you being a hacker but trust me, being a hacker is about more than just being able to hack software.

On that note i also have some non-software related topics you can pick up:

  • Lockpicking
  • Repairing stuff like your car
  • Repairing things around the house
  • Flying a drone

Moving upwards I think after learning all this, you can say to a reasoneable degree that you are no longer an absolute rookie. We can now work some more on the less basic topics and we are going to start with building projects for ourselves. It really helps to use these techniques to actually build projects you need as your motivation will be a lot higher to finish the project. I have a host of unfinished projects that could have went a different way if i created things i needed instead of doing the exact same thing the tutorial was doing.

  • Installing and using linux
  • The different linux distributions
  • Installing a virtual machine
  • Networking on a virtual machine
  • port fowarding
  • HTML, CSS and JS
  • Working with windows server
  • Active directory for windows and kerberos for linux
  • Group and domain policies from a domain controller
  • Raid (Not the game)
  • Webservers
  • Setting up your home network with a domain controller, print server and storage server

With all of this knowledge in our backpack, i think we can say that we are already pretty well on our way to becoming an amazing hacker but now we are going to take it a step further and we are going to program our own applications. I started out with building my own websites and tried to learn how to build websites for other people. Part of that was an emphasis on graphics design and part of it was technical.

  • Building a website in PHP
  • Connecting it to a database
  • Making a back-end to control the things your website shows
  • Making a website look good

These can be combined into a project. For example you can build a website to store all your games into which has a front-end to let you search the database. Next you can expand on it with the following:

  • Making a business oriented site like a webshop for your old clothes
  • How people make money by running a website
  • How people make money by drop-shipping
  • How people make money by filling in surveys online
  • How people make money by selling websites without having to rebuild them every time
  • How to make money by repairing computers without having to google the same problem every time
  • How to make money with affilliate marketing
  • How scammers make money

I put a lot of emphasis on making money in this section but that's because i want you to learn from them. You can try to make some money for yourself as well but you will realise that any legal way to make money is limited by how much time you have. Want to fill in surveys? You can average that out to 1$ an hour. Want to do dropshipping? You need to put in a lot of time and money. You will realise that people make it seem easy to make money online but it's really not easy at all.

All of this is related to hacking because you need to know every aspect of the internet to a degree. This will also help you see what you like and now we also need to talk a little bit about mentality.

The mindset of a hacker For me it becomes important to train your mind at a certain time to realise a couple of things:

  • You will have to learn a lot and keep learning forever
  • Learning has a curve to where a topic starts out as easy to learn but the more you learn the harder it becomes to learn more
  • Every topic has a difficulty curve
  • You need to google a lot to find good resources
  • Hacking will not be easy
  • You will need to learn a lot of basic topics to become a better hacker who's more proficient overall
  • You will need a lot of time to pick up these topics
  • Learning to learn is not easy (New article about that on thexssrat's medium soon)
  • Everything builds on top of each other

By realising this, you are starting to realise you need a certain mindset to become a good hacker and this is where a lot of people will have to take a hard look at themselves and see if this is what they want to keep doing. Not a lot of you will go on after this point and that's okay. We need people like you and you are amazing for even coming that far. Don't do yourself a disservice by stopping IT now but switch over to a career that leverages the skills you have been building.

For those you of deciding to go on, now the fun begins. It's time to buy yourself a raspberry pi and learn about some concepts:

  • Programming on a very limited system to handle resources
  • Creating several projects on the Raspberry Pi to develop patience. Personally i did a lot with the python edition of minecraft like making mods that would auto spawn random houses.
  • How botting in games work (PLEASE DO NOT EXECUTE THIS, ONLY LEARN IT FOR EDUCATIONAL PURPOSES). This was my entry into hacking a little bit.
  • Manipulating your local games with a hex editor like cheatengine
  • The TOR network and the hidden wiki. This is a bit dark but you need to see all aspects of our noble trade. Even the darker sides so you can help us fight them.
  • Get familiar with design patterns
  • Upload your projects to a repository or version management system
  • Working in the cloud so you can work on any computer

With all these concepts you can finally start to learn some things about hacking. We will start with some basic concepts and theories and move on to some more advanced techniques. We are becoming Script Kiddies and we can be proud of ourselves, no matter what others say. We did get this far and have dipped our toes into hacking a little bit.

Preparing our diving board into the hacking pool Now that we have our basics out of the way we should be able to move a lot faster throughout this topic but if something is unclear, do take the time to google and get to know it. It's not a shame to not know something and ask, it really is a shame if you move on and not investigate further. You've seen in previous chapters that every topic builds on top of the previous one so i hope you do take the time to research unknown topics.

  • Hacking your own PC: Logging in without entering a password
  • Making bots for single player games
  • Making hex edits for single player games you can reload
  • How to get around DNS filters
  • How to get around IP filters
  • How to play games when they are blocked by a firewall of your uni for example
  • How to load a program on a TI-84 calculator or something similar if you have it
  • Buy a NAS and hack it fully. My NAS came with a weird custom web interface and no SSH access but i hacked the thing to function as a proper NAS which was not easy.
  • Learn how to softmod your old game consoles like the Nintendo wii to play backups of your own games in case the discs break.

All of this has to be done very ethically and you have to make sure you are only backing up and playing games which you own. (Though i can't claim that i was an angel).

These are the fun things about hacking because they are spectacular and easily visible and they will help you get interested in hacking. At this point you can call yourself a Script Kiddie or SKiddie but again you should carry that title with pride because if you just scroll up you will realise how much it has taken to simply get to this point.

From now on i will also mention which resources i recommend which i neglected up to this point because i think these resources can easily be found by googling for 2 seconds.

Diving into the deep hacking world The hacking world is deep and complex and even within the discipline of hacking there are a lot of different specialities that you can focus your attention on. You will quickly realise that it's impossible to get into every single field of hacking and that you will need to make a choice.

From this point onwards you can branch out into hardware hacking, which i never did myself so i can't explain it properly or you can go more into software hacking which again has a lot of different subdomains. For these subdomains i can get you started but i don't know nearly enough to help you properly which is why i will be skipping most of them.

In my opinion we all start out in the same way though and i would highly recommend you to start striving for the OSCP certification at this point. Not only will it help you grow your hacking skills but it will also show you to different disciplines of hacking which will help you pick one you like. To strive for this we can take the following path.

  • Network and portscanning with nmap: https://nmap.org/book/man.html
  • Bash scripting: https://linuxconfig.org/bash-scripting-tutorial-for-beginners
  • Getting a shell and reverse shell: https://www.linkedin.com/pulse/reverse-shell-vs-bind-krishanu-chakraborty?articleId=6717337003555475456#:~:text=A%20reverse%20shell%20is%20a,connection%20from%20the%20attack%20box.
  • Passive information gathering: https://osintframework.com/
  • Vulnerability scanning: https://hackertarget.com/nikto-tutorial/
  • Web application hacking: https://www.youtube.com/watch?v=24fHLWXGS-M&ab_channel=TheCyberMentor
  • Finding bugs on exploit-db based on software and version numbers: https://www.exploit-db.com/
  • The metasploit framework: https://www.metasploit.com/get-started
  • Active directory hacking: https://www.varonis.com/blog/pen-testing-active-directory-environments-part-introduction-crackmapexec-powerview/
  • Beginner buffer overflows: https://medium.com/techloop/understanding-buffer-overflow-vulnerability-85ac22ec8cd3

With this you do not know all of the syllabus that the course will have to offer but it will give you a solid basis on which you can work. At this point i would advice you to take the OSCP training and certification if you have the possibility. It can be quite expensive though so not everyone has that possibility. It's okay if you can't, you don't need that piece of paper to prove anything but it's also an investment as it will help you land a job as a pentester much sooner.

Now comes the difficult choice, as you'll have seen by now there are different aspects to hacking and pentesting is just a little aspect of it. You are now an amazing hacker in my opinion and you've gotten this far already but it's only the beginning of your journey. From here on out you can:

  • Get into malware analyses
  • Get more into pentesting
  • Get into web app hacking and bug bounties
  • Get into hardware hacking with micro computers
  • Get more into buffer overflows
  • Go over to the blue team and get to see the other perspective
  • Become a freelance security consultant
  • Use your imagination …

Conclusion In this article we've looked at all the basis and getting them covered to find our identity in the hacking scene. I hope this can inspire some of you to follow your heart and make the right decision. Thank you so much for reading amazing hacker and i hope i will see you soon my youtube channel!

https://www.youtube.com/c/TheXSSrat