become a HACKER :-
------------------------------
1. Learn TCP/IP, Basic Information gathering,
Proxies, Socks, SSL, VPN, VPS, RDP, FTP,
POP3, SMTP, Telnet, SSH.
2. Learn Linux, Unix, Windows - You can do
this using vmware or any virtual desktop
utility.
3. Learn a programming language that's
compatible with all OS - Perl, Python, C .
4. Learn HTML, PHP, Javascript, ASP, XML,
SQL, XSS, SQLI, RFI, LFI
5. Learn Reverse engineering and crack some
programs for serials easy ones like mirc,
winzip, winrar or old games.
6. Code a fuzzer for common protocols - ftp,
pop3, 80, 8080 - Pick some free software like
ftp server, mail server, apache or iis webserver
or a webserver all-in-one pack, or teamspeak,
ventrilo, mumble.
7. Code a tool that uses grep to sort out
unique code in source codes.
8. Make a custom IPtable, IPsec firewall that
blocks all incoming traffic and out going traffic
and add filters to accept certain ports that
your software or scripts use.
9. Pick a kernel in linux or unix, also pick a
Microsoft OS version lets say Winxp pro sp2
put them on the virtual desktops (vmware) and
find and code a new local exploit in those
versions, then install a Apache webserver on
the Linux/Unix and a IIS webserver on the
winxp pro and attempt to find and code a new
local reverse_tcp_shell exploit.
10. Learn Cisco Router and Switch
configuration and setup.
11. Learn Checkpoint Setup and Config
12. Learn Wifi scanning, cracking, sniffing.
13. Pick a person in you phonebook for the
area code you live in or city then ring the
person on a anonymous line like skype or a
payphone or a carded sim and attempt to
social engineer the person for his name,
address, data of birth, city born, country born,
ISP connected with, Phone company connected
with, What bank he/she uses and anything else
you can get. Then Attempt to ring using a
spoof caller ID software with the person's
phone number - call the ISP and try reset the
password to his/her internet connection/
webmail, get access to bank account or ask
them to send out a new *** to a new address
(drop) with a new pin, reset of phone company
passwords.
14. Use your information gathering skills to get
all the information off a website like a shop
then use the spoof callerID software or hack
your phone to show a new number of the
Webserver's Tech Support number then ring
the shop owner and try get the shop site
password.
15. Do the same thing but attempt to use a
web attack against a site or shop to gain
admin access.
16. Once got access upload a shell and
attempt to exploit the server to gain root using
a exploit you coded not someone else s
exploit.
17. Make your own Linux Distro
18. Use your own Linux Distro or use a vanilla
Linux gnome (not kde) keep it with not much
graphics so you can learn how to depend on
the terminal and start from scratch install
applications that you will only need for a
blackbox (Security test box), make folders for
fuzzers, exploits, scanners..etc Then load them
up with your own scripts and other tools ( By
this stage you shouldn't need to depend on
other peoples scripts).
19. Learn macosx and attempt to gain access
to a Macosx box whether it be your own or
someones else s.
20. Create a secure home network and secure
your own systems with your own Security
policies and firewall settings.
All this isn't a over night learning it will take a
nice 3 - 4 years to learn a bit of this 5+ years
to learn most of it and even then you may
need time to keep learn as IT keeps changing
everyday.
No comments:
Post a Comment