What is Hacking?
Hacking is about identifying weaknesses and vulnerabilities of systems and gaining access to it.
A Hackers gets unauthorized access by targeting system while ethical hackers have an official permission in a lawful and legitimate manner to assess the security posture of a target system(s).
The goal of an ethical hacker is to reveal the system weaknesses and vulnerabilities for a company to document and fix them accordingly.
What Hacking is NOT?
There’s a few things we would like to clarify before you delve into becoming the next best hacker. This might burst your bubble especially if you are not fully motivated to pursue this career/hobby but, hacking is simply put, not something you can learn in a few days or even in a few months.
Yes, you will learn a lot in those days but to become a really good hacker or even one of the best, (and we’re not talking about showing a few awesome tricks to your friends for them to believe you are hacker) you will need to dedicate at least several years to be even worthy of being called a hacker.
Hacking is also not a “press one button” and somehow you got into a system or cracked a facebook account like in the movies. It takes weeks or even months to gather information about one company or target and exploit in the best possible way. Keep note that the more research you do, the more likely you will be able to pwn the target. (the same applies for learning for an exam. If you missed 2 chapters because you were lazy or didn’t double check that there’s additional information. That can cost you to fail, and in the hacking world that could mean you’re either busted or you didn’t present the correct information to your client).
Just like there are good and bad guys in the real world with different shades of their personality, the types of hackers vary by their agenda, methodologies and skill practice.
White Hat Hacker
Meet the right guys on the dark web. White hat hackers, also known as ethical hackers are the cybersecurity experts who help the Govt and organizations by performing penetration testing and identifying loopholes in their cybersecurity. They even do other methodologies and ensure protection from black hat hackers and other malicious cyber crimes.
Simply stated, these are the right people who are on your side. They will hack into your system with the good intention of finding vulnerabilities and help you remove virus and malware from your system.
Black Hat Hacker
Taking credit for the negative persona around “hacking,” these guys are your culprits. A black hat hacker is the type of hacker you should be worried. Heard a news about a new cybercrime today? One of the black hat hackers may be behind it.
While their agenda may be monetary most of the time, it’s not always just that. These hackers look for vulnerabilities in individual PCs, organizations and bank systems. Using any loopholes they may find, they can hack into your network and get access to your personal, business and financial information.
Gray Hat Hacker
Gray hat hackers fall somewhere in between white hat and black hat hackers. While they may not use their skills for personal gain, they can, however, have both good and bad intentions. For instance, a hacker who hacks into an organization and finds some vulnerability may leak it over the Internet or inform the organization about it.
It all depends upon the hacker. Nevertheless, as soon as hackers use their hacking skills for personal gain they become black hat hackers. There is a fine line between these two. So, let me make it simple for you.
Because a gray hat hacker doesn’t use his skills for personal gain, he is not a black hat hacker. Also, because he is not legally authorized to hack the organization’s cybersecurity, he can’t be considered a white hat either.
A derogatory term often used by amateur hackers who don’t care much about the coding skills. These hackers usually download tools or use available hacking codes written by other developers and hackers. Their primary purpose is often to impress their friends or gain attention.
However, they don’t care about learning. By using off-the-shelf codes and tools, these hackers may launch some attacks without bothering for the quality of the attack. Most common cyber attacks by script kiddies might include DoS and DDoS attacks.
Green Hat Hacker
These hackers are the amateurs in the online world of hacking. Consider them script kiddies but with a difference. These newbies have a desire to become full-blown hackers and are very curious to learn. You may find them engrossed in the hacking communities bombarding their fellow hackers with questions.
You can identify them by their spark to grow and learn more about the hacking trade. Once you answer a single question, the hackers will listen with undivided attention and ask another question until you answer all their queries.
Blue Hat Hacker
These are another form of novice hackers much like script kiddies whose main agenda is to take revenge on anyone who makes them angry. They have no desire for learning and may use simple cyber attacks like flooding your IP with overloaded packets which will result in DoS attacks.
A script kiddie with a vengeful agenda can be considered a blue hat hacker.
Red Hat Hacker
Red Hat Hackers have an agenda similar to white hat hackers which in simple words is halting the acts of Blackhat hackers. However, there is a major difference in the way they operate. They are ruthless when it comes to dealing with black hat hackers.
Instead of reporting a malicious attack, they believe in taking down the black hat hacker completely. Red hat hacker will launch a series of aggressive cyber attacks and malware on the hacker that the hacker may as well have to replace the whole system.
State / Nation Sponsored Hacker
State or Nation sponsored hackers are those who have been employed by their state or nation’s government to snoop in and penetrate through full security to gain confidential information from other governments to stay at the top online.
They have an endless budget and extremely advanced tools at their disposal to target individuals, companies or rival nations.
If you’ve ever come across social activists propagandizing a social, political or religious agenda, then you might as well meet hacktivist, the online version of an activist. Hacktivist is a hacker or a group of anonymous hackers who think they can bring about social changes and often hack government and organizations to gain attention or share their displeasure over opposing their line of thought.
Malicious Insider / Whistleblower
A malicious insider or a whistleblower may be an employee with a grudge or a strategic employee compromised or hired by rivals to garner trade secrets of their opponents to stay on top of their game.
These hackers may take privilege from their easy access to information and their role within the company to hack the system.
Getting your mindset right
Hackers solve problems and build things, and they believe in freedom and voluntary mutual help. To be accepted as a hacker, you have to behave as though you have this kind of attitude yourself. And to behave as though you have the attitude, you have to really believe the attitude.
But if you think of cultivating hacker attitudes as just a way to gain acceptance in the culture, you’ll miss the point. Becoming the kind of person who believes these things is important for you — for helping you learn and keeping you motivated. As with all creative arts, the most effective way to become a master is to imitate the mind-set of masters — not just intellectually but emotionally as well.
Or, as the following modern Zen poem has it:
To follow the path:
look to the master,
follow the master,
walk with the master,
see through the master,
become the master.
Repeat the following until you believe them:
1. The World is full of fascinating problems waiting to be solved.
Being a hacker is lots of fun, but it’s a kind of fun that takes lots of effort. The effort takes motivation. Successful athletes get their motivation from a kind of physical delight in making their bodies perform, in pushing themselves past their own physical limits. Similarly, to be a hacker you have to get a basic thrill from solving problems, sharpening your skills, and exercising your intelligence.
If you aren’t the kind of person that feels this way naturally, you’ll need to become one in order to make it as a hacker. Otherwise you’ll find your hacking energy is sapped by distractions like sex, money, and social approval.
(You also have to develop a kind of faith in your own learning capacity — a belief that even though you may not know all of what you need to solve a problem, if you tackle just a piece of it and learn from that, you’ll learn enough to solve the next piece — and so on, until you’re done.)
Creative brains are a valuable, limited resource. They shouldn’t be wasted on re-inventing the wheel when there are so many fascinating new problems waiting out there.
To behave like a hacker, you have to believe that the thinking time of other hackers is precious — so much so that it’s almost a moral duty for you to share information, solve problems and then give the solutions away just so other hackers can solve new problems instead of having to perpetually re-address old ones.
Note, however, that “No problem should ever have to be solved twice.” does not imply that you have to consider all existing solutions sacred, or that there is only one right solution to any given problem. Often, we learn a lot about the problem that we didn’t know before by studying the first cut at a solution. It’s OK, and often necessary, to decide that we can do better. What’s not OK is artificial technical, legal, or institutional barriers (like closed-source code) that prevent a good solution from being re-used and force people to re-invent wheels.
(You don’t have to believe that you’re obligated to give all your creative product away, though the hackers that do are the ones that get most respect from other hackers. It’s consistent with hacker values to sell enough of it to keep you in food and rent and computers. It’s fine to use your hacking skills to support a family or even get rich, as long as you don’t forget your loyalty to your art and your fellow hackers while doing it.)
Hackers (and creative people in general) should never be bored or have to drudge at stupid repetitive work, because when this happens it means they aren’t doing what only they can do — solve new problems. This wastefulness hurts everybody. Therefore boredom and drudgery are not just unpleasant but actually evil.
To behave like a hacker, you have to believe this enough to want to automate away the boring bits as much as possible, not just for yourself but for everybody else (especially other hackers).
(There is one apparent exception to this. Hackers will sometimes do things that may seem repetitive or boring to an observer as a mind-clearing exercise, or in order to acquire a skill or have some particular kind of experience you can’t have otherwise. But this is by choice — nobody who can think should ever be forced into a situation that bores them.)
Hackers are naturally anti-authoritarian. Anyone who can give you orders can stop you from solving whatever problem you’re being fascinated by — and, given the way authoritarian minds work, will generally find some appallingly stupid reason to do so. So the authoritarian attitude has to be fought wherever you find it, lest it smother you and other hackers.
(This isn’t the same as fighting all authority. Children need to be guided and criminals restrained. A hacker may agree to accept some kinds of authority in order to get something he wants more than the time he spends following orders. But that’s a limited, conscious bargain; the kind of personal surrender authoritarians want is not on offer.)
Authoritarians thrive on censorship and secrecy. And they distrust voluntary cooperation and information-sharing — they only like ‘cooperation’ that they control. So to behave like a hacker, you have to develop an instinctive hostility to censorship, secrecy, and the use of force or deception to compel responsible adults. And you have to be willing to act on that belief.
To be a hacker, you have to develop some of these attitudes. But copping an attitude alone won’t make you a hacker, any more than it will make you a champion athlete or a rock star. Becoming a hacker will take intelligence, practice, dedication, and hard work.
Therefore, you have to learn to distrust attitude and respect competence of every kind. Hackers won’t let posers waste their time, but they worship competence — especially competence at hacking, but competence at anything is valued. Competence at demanding skills that few can master is especially good, and competence at demanding skills that involve mental acuteness, craft, and concentration is best.
If you revere competence, you’ll enjoy developing it in yourself — the hard work and dedication will become a kind of intense play rather than drudgery. That attitude is vital to becoming a hacker.
Understanding the Attack Process
Attackers follow a fixed methodology. To beat a hacker, you have to think like one, so it’s important to understand the methodology. The steps a hacker follows can be broadly divided into five phases, which include pre-attack and attack phases:
- Performing Reconnaissance
- Scanning and enumeration
- Gaining access
- Maintaining access
- Covering tracks and placing backdoors
Let’s look at each of these phases in more detail so that you better understand the steps.
Phase 1: Passive and Active Reconnaissance
Passive reconnaissance involves gathering information about a potential target without the targeted individual’s or company’s knowledge. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they leave. However, most reconnaissance is done sitting in front of a computer.
Phase 2: Scanning
Internet Control Message Protocol (ICMP) scanners
Simple Network Management Protocol (SNMP) sweepers
Operating system (OS)
Phase 3: Gaining Access
Phase 3 is when the real hacking takes place. Vulnerabilities exposed during the reconnaissance and scanning phase are now exploited to gain access to the target system. The hacking attack can be delivered to the target system via a local area network (LAN), either wired or wireless; local access to a PC; the Internet; or offline. Examples include stack-based buffer overflows, denial of service, and session hijacking. Gaining access is known in the hacker world as owning the system because once a system has been hacked, the hacker has control and can use that system as they wish.
Phase 4: Maintaining Access
Phase 5: Covering Tracks
Using a tunneling protocol
Altering log files
Hacker Terminology and Attack Types
Attribution is the process of establishing who is behind a hack. Often, attribution is the most difficult part of responding to a major breach since experienced hackers may hide behind layers of online services that mask their true location and identity. Many incidents, such as the Sony hack, may never produce any satisfactory attribution.
Entering a protected system using a password can be described as going through the front door. Companies may build “backdoors” into their systems, however, so that developers can bypass authentication and dive right into the program. Backdoors are usually secret, but may be exploited by hackers if they are revealed or discovered.
A black hat hacker is someone who hacks for personal gain and/or who engages in illicit and unsanctioned activities. As opposed to white hack hackers (see below), who traditionally hack in order to alert companies and improve services, black hat hackers may instead sell the weaknesses they discover to other hackers or use them.
Is your computer part of a botnet? It could be, and you might not know it. Botnets, or zombie armies, are networks of computers controlled by an attacker. Having control over hundreds or thousands of computers lets bad actors perform certain types of cyberattacks, such as a DDoS (see below). Buying thousands of computers wouldn’t be economical, however, so hackers deploy malware to infect random computers that are connected to the internet. If your computer gets infected, your machine might be stealthily performing a hacker’s bidding in the background without you ever noticing.
A brute force attack is arguably the least sophisticated way of breaking into a password-protected system, short of simply obtaining the password itself. A brute force attack will usually consist of an automated process of trial-and-error to guess the correct passphrase. Most modern encryption systems use different methods for slowing down brute force attacks, making it hard or impossible to try all combinations in a reasonable amount of time.
You’ve probably heard of this one. A bug is a flaw or error in a software program. Some are harmless or merely annoying, but some can be exploited by hackers. That’s why many companies have started using bug bounty programs to pay anyone who spots a bug before the bad guys do.
A general term to describe breaking into a security system, usually for nefarious purposes. According to the New Hacker’s Dictionary published by MIT Press, the words “hacking” and “hacker” (see below) in mainstream parlance have come to subsume the words “cracking” and “cracker,” and that’s misleading. Hackers are tinkerers; they’re not necessarily bad guys. Crackers are malicious. At the same time, you’ll see cracking used to refer to breaking, say, digital copyright protections—which many people feel is a just and worthy cause—and in other contexts, such as penetration testing (see below), without the negative connotation.
Short for cryptography, the science of secret communication or the procedures and processes for hiding data and messages with encryption (see below).
A chip-off attack requires the hacker to physically remove memory storage chips in a device so that information can be scraped from them using specialized software. This attack has been used by law enforcement to break into PGP-protected Blackberry phones.
The dark web is made up of sites that are not indexed by Google and are only accessible through specialty networks such as Tor (see below). Often, the dark web is used by website operators who want to remain anonymous. Everything on the dark web is on the deep web, but not everything on the deep web is on the dark web.
This type of cyberattack has become popular in recent years because it’s relatively easy to execute and its effects are obvious immediately. DDoS stands for Distributed Denial of Service Attack, which means an attacker is using a number of computers to flood the target with data or requests for data. This causes the target—usually a website—to slow down or become unavailable. Attackers may also use the simpler Denial of Service attack, which is launched from one computer.
This term and “dark web” or “dark net” are sometimes used interchangeably, though they shouldn’t be. The deep web is the part of the internet that is not indexed by search engines. That includes password-protected pages, paywalled sites, encrypted networks, and databases—lots of boring stuff.
One of the most famous hacking conferences in the US and the world, which started in 1992 and takes place every summer in Las Vegas.
A digital passport or stamp of approval that proves the identity of a person, website or service on the internet. In more technical terms, a digital certificate proves that someone is in possession of a certain cryptographic key that, traditionally, can’t be forged. Some of the most common digital certificates are those of websites, which ensure your connection to them is properly encrypted. These get displayed on your browser as a green padlock.
The process of scrambling data or messages making it unreadable and secret. The opposite is decryption, the decoding of the message. Both encryption and decryption are functions of cryptography. Encryption is used by individuals as well as corporations and in digital security for consumer products.
A particular type of encryption where a message or data gets scrambled or encrypted on one end, for example your computer or phone, and get decrypted on the other end, such as someone else’s computer. The data is scrambled in a way that, at least in theory, only the sender and receiver—and no one else—can read it.
Evil maid attack
As the name probably suggests, an evil maid attack is a hack that requires physical access to a computer—the kind of access an evil maid might have while tidying his or her employer’s office, for example. By having physical access, a hacker can install software to track your use and gain a doorway even to encrypted information.
An exploit is a way or process to take advantage of a bug or vulnerability in a computer or application. Not all bugs lead to exploits. Think of it this way: If your door was faulty, it could be simply that it makes a weird sound when you open it, or that its lock can be picked. Both are flaws but only one can help a burglar get in. The way the criminal picks the lock would be the exploit.
On CSI, forensic investigations involve a series of methodical steps in order to establish what happened during a crime. When it comes to a hack, however, investigators are looking for digital fingerprints instead of physical ones. This process usually involves trying to retrieve messages or other information from a device—perhaps a phone, a desktop computer or a server—used, or abused, by a suspected criminal.
The UK’s equivalent of the US’ National Security Agency. GCHQ, or Government Communications Headquarters, focuses on foreign intelligence, especially around terrorism threats and cybersecurity. It also investigates the digital child pornography trade. “As these adversaries work in secret, so too must GCHQ,” the organization says on its website. “We cannot reveal publicly everything that we do, but we remain fully accountable.”
This term has become—wrongly—synonymous with someone who breaks into systems or hacks things illegally. Originally, hackers were simply tinkerers, or people who enjoyed “exploring the details of programmable systems and how to stretch their capabilities,” as the MIT New Hacker’s Dictionary puts it. Hackers can now be used to refer to both the good guys, also known as white hat hackers, who play and tinker with systems with no malicious intent (and actually often with the intent of finding flaws so they can be fixed), and cybercriminals, or “black hat” hackers, or “crackers.”
A “hacktivist” is someone who uses their hacking skills for political ends. A hacktivist’s actions may be small, such as defacing the public website of a security agency or other government department, or large, such as stealing sensitive government information and distributing it to citizens. One often-cited example of a hacktivist group is Anonymous.
Say you have a piece of text that should remain secret, like a password. You could store the text in a secret folder on your machine, but if anyone gained access to it you’d be in trouble. To keep the password a secret, you could also “hash” it with a program that executes a function resulting in garbled text representing the original information. This abstract representation is called a hash. Companies may store passwords or facial recognition data with hashes to improve their security.
Stands for Hypertext Transfer Protocol, with the “S” for “Secure.” The Hypertext Transfer Protocol (HTTP) is the basic framework that controls how data is transferred across the web, while HTTPS adds a layer of encryption that protects your connection to the most important sites in your daily browsing—your bank, your email provider, and social network. HTTPS uses the protocols SSL and TLS to not only protect your connection, but also to prove the identity of the site, so that when you type https://gmail.com you can be confident you’re really connecting to Google and not an imposter site.
An abbreviation of “Information Security.” It’s the inside baseball term for what’s more commonly known as cybersecurity, a term that irks most people who prefer infosec.
Circumventing the security of a device, like an iPhone or a PlayStation, to remove a manufacturer’s restrictions, generally with the goal to make it run software from non-official sources.
Modern cryptography uses digital “keys”. In the case of PGP encryption, a public key is used to encrypt, or “lock”, messages and a secret key is used to decrypt, or “unlock”, them. In other systems, there may only be one secret key that is shared by all parties. In either case, if an attacker gains control of the key that does the unlocking, they may have a good chance at gaining access to.
An internet-speak variation on “lol” (short for “laughing out loud”) employed regularly among the black hat hacker set, typically to justify a hack or leak done at the expense of another person or entity. Sample use: y did i leak all contracts and employee info linked to Sketchy Company X? for teh lulz
Stands for “malicious software.” It simply refers to any kind of a malicious program or software, designed to damage or hack its target. Viruses, worms, Trojan horses, ransomware, spyware, adware and more are malware.
A Man-in-the-Middle or MitM is a common attack where someone surreptitiously puts themselves between two parties, impersonating them. This allows the malicious attacker to intercept and potentially alter their communication. With this type of attack, one can just passively listen in, relaying messages and data between the two parties, or even alter and manipulate the data flow.
Metadata is simply data about data. If you were to send an email, for example, the text you type to your friend will be the content of the message, but the address you used to send it, the address you sent it to, and the time you sent it would all be metadata. This may sound innocuous, but with enough sources of metadata—for example, geolocation information from a photo posted to social media—it can be trivial to piece together someone’s identity or location.
The National Institute of Standards and Technology is an arm of the US Department of Commerce dedicated to science and metrics that support industrial innovation. The NIST is responsible for developing information security standards for use by the federal government, and therefore it’s often cited as an authority on which encryption methods are rigorous enough to use given modern threats.
A portmanteau of number and once, nonce literally means “a number only used once.” It’s a string of numbers generated by a system to identify a user for a one-time-use session or specific task. After that session, or a set period of time, the number isn’t used again.
OpSec is short for operational security, and it’s all about keeping information secret, online and off. Originally a military term, OpSec is a practice and in some ways a philosophy that begins with identifying what information needs to be kept secret, and whom you’re trying to keep it a secret from. “Good” OpSec will flow from there, and may include everything from passing messages on Post-Its instead of emails to using digital encryption. In other words: Loose tweets destroy fleets.
What do you do if you want to have an encrypted conversation, but it needs to happen fast? OTR, or Off-the-Record, is a protocol for encrypting instant messages end-to-end. Unlike PGP, which is generally used for email and so each conversant has one public and one private key in their possession, OTR uses a single temporary key for every conversation, which makes it more secure if an attacker hacks into your computer and gets a hold of the keys. OTR is also generally easier to use than PGP.
Using the same, crummy password for all of your logins—from your bank account, to Seamless, to your Tinder profile—is a bad idea. All a hacker needs to do is get access to one account to break into them all. But memorizing a unique string of characters for every platform is daunting. Enter the password manager: software that keeps track of your various passwords for you, and can even auto-generate super complicated and long passwords for you. All you need to remember is your master password to log into the manager and access all your many different logins.
Penetration testing or pentesting
If you set up a security system for your home, or your office, or your factory, you’d want to be sure it was safe from attackers, right? One way to test a system’s security is to employ people—pentesters—to purposely hack it in order to identify weak points. Pentesting is related to red teaming, although it may be done in a more structured, less aggressive way.
“Pretty Good Privacy” is a method of encrypting data, generally emails, so that anyone intercepting them will only see garbled text. PGP uses asymmetric cryptography, which means that the person sending a message uses a “public” encryption key to scramble it, and the recipient uses a secret “private” key to decode it. Despite being more than two decades old, PGP is still a formidable method of encryption, although it can be notoriously difficult to use in practice, even for experienced users.
Phishing is really more of a form of social engineering than hacking or cracking. In a phishing scheme, an attacker typically reaches out to a victim in order to extract specific information that can be used in a later attack. That may mean posing as customer support from Google, Facebook, or the victim’s cell phone carrier, for example, and asking the victim to click on a malicious link—or simply asking the victim to send back information, such as a password, in an email. Attackers usually blast out phishing attempts by the thousands, but sometimes employ more targeted attacks, known as spearphishing (see below).
Exactly what it sounds like—text that has not been garbled with encryption. This definition would be considered plaintext. You may also hear plaintext being referred to as “cleartext,” since it refers to text that is being kept out in the open, or “in the clear.” Companies with very poor security may store user passwords in plaintext, even if the folder they’re in is encrypted, just waiting for a hacker to steal.
Pwned is computer nerd jargon (or “leetspeak”) for the verb “own.” In the video game world, a player that beat another player can say that he pwned him. Among hackers, the term has a similar meaning, only instead of beating someone in a game, a hacker that has gained access to another user’s computer can say that he pwned him. For example, the website “Have I Been Pwned?” will tell you if your online accounts have been compromised in the past.
RAT stands for Remote Access Tool or Remote Access Trojan. RATs are really scary when used as malware. An attacker who successfully installs a RAT on your computer can gain full control of your machine. There is also a legitimate business in RATs for people who want to access their office computer from home, and so on. The worst part about RATs? Many malicious ones are available in the internet’s underground for sale or even for free, so attackers can be pretty unskilled and still use this sophisticated tool.
Ransomware is a type of malware that locks your computer and won’t let you access your files. You’ll see a message that tells you how much the ransom is and where to send payment, usually requested in bitcoin, in order to get your files back. This is a good racket for hackers, which is why many consider it now an “epidemic,” as people typically are willing to pay a few hundred bucks in order to recover their machine.
A rainbow table is a complex technique that allows hackers to simplify the process of guessing what passwords hide behind a “hash” (see above).
To ensure the security of their computer systems and to suss out any unknown vulnerabilities, companies may hire hackers who organize into a “red team” in order to run oppositional attacks against the system and attempt to completely take it over. In these cases, being hacked is a good thing because organizations may fix vulnerabilities before someone who’s not on their payroll does. Red teaming is a general concept that is employed across many sectors, including military strategy.
In most computers, “root” is the common name given to the most fundamental (and thus most powerful) level of access in the system, or is the name for the account that has those privileges. That means the “root” can install applications, delete and create files. If a hacker “gains root,” they can do whatever they want on the computer or system they compromised. This is the holy grail of hacking.
A rootkit is a particular type of malware that lives deep in your system and is activated each time you boot it up, even before your operating system starts. This makes rootkits hard to detect, persistent, and able to capture practically all data on the infected computer.
When protecting passwords or text, “hashing” (see above) is a fundamental process that turns the plaintext into garbled text. To make hashing even more effective, companies or individuals can add an extra series of random bytes, known as a “salt,” to the password before the hashing process. This adds an extra layer of protection.
This is a derisive term for someone who has a little bit of computer savvy and who’s only able to use off-the-shelf software to do things like knock websites offline or sniff passwords over an unprotected Wi-Fi access point. This is basically a term to discredit someone who claims to be a skilled hacker.
It’s been called “hacker’s Google,” and a “terrifying” search engine. Think of it as a Google, but for connected devices rather than websites. Using Shodan you can find unprotected webcams, baby monitors, printers, medical devices, gas pumps, and even wind turbines. While that’s sounds terrifying, Shodan’s value is precisely that it helps researchers find these devices and alert their owners so they can secure them.
Another function of PGP, besides encrypting messages, is the ability to “sign” messages with your secret encryption key. Since this key is only known to one person and is stored on their own computer and nowhere else, cryptographic signatures are supposed to verify that the person who you think you’re talking to actually is that person. This is a good way to prove that you really are who you claim to be on the internet.
Side channel attack
Your computer’s hardware is always emitting a steady stream of barely-perceptible electrical signals. A side-channel attack seeks to identify patterns in these signals in order to find out what kind of computations the machine is doing. For example, a hacker “listening in” to your hard drive whirring away while generating a secret encryption key may be able to reconstruct that key, effectively stealing it, without your knowledge.
Sniffing is a way of intercepting data sent over a network without being detected, using special sniffer software. Once the data is collected, a hacker can sift through it to get useful information, like passwords. It’s considered a particularly dangerous hack because it’s hard to detect and can be performed from inside or outside a network.
Not all hacks are carried out by staring at a Matrix-like screen of green text. Sometimes, gaining entry to a secure system is as easy as placing a phone call or sending an email and pretending to be somebody else—namely, somebody who regularly has access to said system but forgot their password that day. Phishing (see above) attacks include aspects of social engineering, because they involve convincing somebody of an email sender’s legitimacy before anything else.
Phishing and spearphishing are often used interchangeably, but the latter is a more tailored, targeted form of phishing (see above), where hackers try to trick victims into clicking on malicious links or attachments pretending to be a close acquaintance, rather than a more generic sender, such as a social network or corporation. When done well, spearphishing can be extremely effective and powerful. As a noted security expert says, “give a man a 0day and he’ll have access for a day, teach a man to phish and he’ll have access for life.”
Hackers can trick people into falling for a phishing attack (see above) by forging their email address, for example, making it look like the address of someone the target knows. That’s spoofing. It can also be used in telephone scams, or to create a fake website address.
A specific type of malware of malicious software designed to spy, monitor, and potentially steal data from the target.
State actors are hackers or groups of hackers who are backed by a government, which may be the US, Russia, or China. These hackers are often the most formidable, since they have the virtually unlimited legal and financial resources of a nation-state to back them up. Think, for example, of the NSA. Sometimes, however, state actors can also be a group of hackers who receive tacit (or at least hidden from the public) support from their governments, such as the Syrian Electronic Army.
Imagine a game of chess. It’s your turn and you’re thinking about all the possible moves your opponent could make, as many turns ahead as you can. Have you left your queen unprotected? Is your king being worked into a corner checkmate? That kind of thinking is what security researchers do when designing a threat model. It’s a catch-all term used to describe the capabilities of the enemy you want to guard against, and your own vulnerabilities. Are you an activist attempting to guard against a state-sponsored hacking team? Your threat model better be pretty robust. Just shoring up the network at your log cabin in the middle of nowhere? Maybe not as much cause to worry.
A small physical device that allows its owner to log in or authenticate into a service. Tokens serve as an extra layer of security on top of a password, for example. The idea is that even if the password or key gets stolen, the hacker would need the actual physical token to abuse it.
Tor is short for The Onion Router. Originally developed by the United States Naval Research Laboratory, it’s now used by bad guys (hackers, pedophiles) and good guys (activists, journalists) to anonymize their activities online. The basic idea is that there is a network of computers around the world—some operated by universities, some by individuals, some by the government—that will route your traffic in byzantine ways in order to disguise your true location. The Tor network is this collection of volunteer-run computers. The Tor Project is the nonprofit that maintains the Tor software. The Tor browser is the free piece of software that lets you use Tor. Tor hidden services are websites that can only be accessed through Tor.
Tails stands for The Amnesic Incognito Live System. If you’re really, really serious about digital security, this is the operating system endorsed by Edward Snowden. Tails is an amnesic system, which means your computer remembers nothing; it’s like a fresh machine every time you boot up. The software is free and open source. While it’s well-regarded, security flaws have been found.
The process by which reporters and security researchers go through hacked data and make sure it’s legitimate. This process is important to make sure the data is authentic, and the claims of anonymous hackers are true, and not just an attempt to get some notoriety or make some money scamming people on the dark web.
VPN stands for Virtual Private Network. VPNs use encryption to create a private and secure channel to connect to the internet when you’re on a network you don’t trust (say a Starbucks, or an Airbnb WiFi). Think of a VPN as a tunnel from you to your destination, dug under the regular internet. VPNs allow employees to connect to their employer’s network remotely, and also help regular people protect their connection. VPNs also allow users to bounce off servers in other parts of the world, allowing them to look like they’re connecting from there. This gives them the chance to circumvent censorship, such as China’s Great Firewall, or view Netflix’s US offerings while in Canada. There are endless VPNs, making it almost impossible to decide which ones are the best.
A computer virus is a type of malware that typically is embedded and hidden in a program or file. Unlike a worm (see below), it needs human action to spread (such as a human forwarding a virus-infected attachment, or downloading a malicious program.) Viruses can infect computers and steal data, delete data, encrypt it or mess with it in just about any other way.
Abbreviation for “vulnerability.” Another way to refer to bugs or software flaws that can be exploited by hackers.
Pronounced like the contraction for “where is” (where’s), warez refers to pirated software that’s typically distributed via technologies like BitTorrent and Usenet. Warez is sometimes laden with malware, taking advantage of people’s desire for free software.
A white hat hacker is someone who hacks with the goal of fixing and protecting systems. As opposed to black hat hackers (see above), instead of taking advantage of their hacks or the bugs they find to make money illegally, they alert the companies and even help them fix the problem.
A specific type of malware that propagates and replicates itself automatically, spreading from computer to computer. The internet’s history is littered with worms, from the Morris worm, the first of its kind, and the famous Samy worm, which infected more than a million people on MySpace.
A zero-day or “0day” is a bug that’s unknown to the software vendor, or at least it’s not patched yet. The name comes from the notion that there have been zero days between the discovery of the bug or flaw and the first attack taking advantage of it. Zero-days are the most prized bugs and exploits for hackers because a fix has yet to be deployed for them, so they’re almost guaranteed to work.
Coding/Programming – The Hackers Language
The hacker attitude is vital, but skills are even more vital. Attitude is no substitute for competence, and there’s a certain basic toolkit of skills which you have to have before any hacker will dream of calling you one.
This (coding), of course, is the fundamental hacking skill. Without programming you will never truly know what is happening behind the scenes. I mean, ask yourself this. Do you actually know what is happening when your computer boots up? Do you know how your windows are running your microsoft word or any other application? How are you even reading this on your browser right now? That amazing website you keep visiting, how was it built?
This is where programming comes into play. These are the type of questions you need to ask yourself throughout the journey and then find the answers. Understanding programming fluently, it will start to become clearer on how everything is built together.
Hacker 101 – Simple Setup
- Select Operating System
- Install a VPN and TOR Browser
- Get online Privacy Tools and a Secure Browser
- Create Fake Online Identity and become Anonymous
- Able to Access Dark Web, Darknet Markets and Onion links
- Join Hacking Forums and Discord Servers
- Watch Hacker Movies, Series & Documentaries
- Download Hacking Tools – Compiled List of Tools
- Get your Hacking Gear & Gadgets
- Read Hacking Books and signup to Hacking Courses
- Watch Hacking Tutorials on Youtube and SecurityTube
- Customize your Terminal and OS – Windows / Linux
- Change from GUI to Terminal – Windows CMD, WMIC, Powershell Commands and Linux Commands
- Build your own Virtual Hacking Lab
- Write your own exploits and use Exploit-DB with Hacker’s search engine for vulnerabilities
- Complete Capture The Flag challenges
Here’s a list of courses we believe you should take or read through in order to start your journey. If you are unable to attend somewhat a computer science degree at a top university the best way to go into this direction is to do the following courses which can be self taught with online classes.
Here’s a minimum requirement to follow, ask yourself this – Do you understand how a single computer works, know the different parts and their functions and how they interact with the operating system? If not, start with
- CompTIA A+
If you do know how a single computer works, do you know how they talk to each other? If not, start with
- CompTIA Network+ and Cisco’s CCNA
If you know a lot about computers and networking functionality, your next step should be
- CompTIA Security+
Those 3 courses are critical to begin with. Additional courses to go for next are:
- CompTIA Linux+
- CompTIA Server+ / MCSA: Windows Server
Now that you know pretty much the basics of how computers, networking and cryptography works. It’s time to learn how to code. Recommended courses to take in order.
- C / C++
Additional Information regards to the above list
If you don’t know any computer languages, we recommend starting with Python. It is cleanly designed, well documented, and relatively kind to beginners. Despite being a good first language, it is not just a toy; it is very powerful and flexible and well suited for large projects.
If you get into serious programming, you will have to learn C, the core language of Unix. C++ is very closely related to C; if you know one, learning the other will not be difficult. Neither language is a good one to try learning as your first, actually, the more you can avoid programming in C the more productive you will be.
C is very efficient, and very sparing of your machine’s resources. Unfortunately, C gets that efficiency by requiring you to do a lot of low-level management of resources (like memory) by hand. All that low-level code is complex and bug-prone, and will soak up huge amounts of your time on debugging. With today’s machines as powerful as they are, this is usually a bad tradeoff — it’s smarter to use a language that uses the machine’s time less efficiently, but your time much more efficiently. Thus, Python.
Other languages of particular importance to hackers include Perl and LISP. Perl is worth learning for practical reasons; it’s very widely used for active web pages and system administration, so that even if you never write Perl you should learn to read it. Many people use Perl in the way we suggest you should use Python, to avoid C programming on jobs that don’t require C’s machine efficiency. You will need to be able to understand their code.
LISP is worth learning for a different reason — the profound enlightenment experience you will have when you finally get it. That experience will make you a better programmer for the rest of your days, even if you never actually use LISP itself a lot. (You can get some beginning experience with LISP fairly easily by writing and modifying editing modes for the Emacs text editor, or Script-Fu plugins for the GIMP.)
It’s best, actually, to learn all five of Python, C/C++, Java, Perl, and LISP. Besides being the most important hacking languages, they represent very different approaches to programming, and each will educate you in valuable ways.
But be aware that you won’t reach the skill level of a hacker or even merely a programmer simply by accumulating languages — you need to learn how to think about programming problems in a general way, independent of any one language. To be a real hacker, you need to get to the point where you can learn a new language in days by relating what’s in the manual to what you already know. This means you should learn several very different languages.
Atleast completing the Comptia courses (basic ones listed above A+,N+,S+) and knowing 2 programming languages (bash & python) now its a good time to dive into the advanced courses.
Advanced Courses to take
CISSP – Certified Information Systems Security Professional
CISM/CISA – Certified Information Security Manager / Certified Information Systems Auditor
CEH – Certified Ethical Hacker
OSCP – Offensive Security Certified Professional
SANS (GSEC/GPEN/GWAPT) – Cyber Security Essentials Certification / GIAC Pentest /GIAC Web Application Penetration Testing
CREST – The Council for Registered Ethical Security Testers
Grab our Ultimate all in one IT Security Bundle which includes CISSP / CEH / CISM and CISA or take advantage of our VIP membership which includes over 100+ courses
Practice your Skills
They can be a little hard, you definitely won’t be spoonfed. You’ll probably get stuck at some point, but if you stick with it, you’ll learn more about computers than you ever thought possible.
There’s no better way to learn something than to experience it for yourself.And in the computer security world, Capture The Flag is the best way to learn by doing.
Read, read and read some more!
Becoming a Hacker you have multiple career pathways to choose from and successfully completing our recommended courses and guidance you will most likely have to make a choice.
Below you can find title description, important resources, tools and guides about each profession. Understanding all of them will gradually improve your hacking knowledge and overall expertise.
What this job does:
Security auditors and compliance staff evaluate and rate security programs and check organizations’ compliance with local, national, and international laws and standards. These standards can be required by law or merely ones that the organization chooses to strive for. For example, in the US, required standards include PCI for payment processors or HIPAA for medical records storage. Most formal security standards have regularly scheduled formal and informal inspections of documentation and procedures. Auditing and compliance staff perform these inspections, ensure compliance and improvement, and report their findings to leadership or regulatory agencies as required.
Where are the jobs:
Medium to large businesses, regulatory agencies, contract-based auditing firms.
What gives a candidate an edge:
Excellent organizational and report-writing skills. The ability to communicate courteously and diplomatically with all levels of an organization. Specific knowledge of applicable standards. Good certifications to have depend on the situation, For instance, the PCI Security Standards Council offers their own assessor certification.
Avoid this trap:
Assuming these jobs aren’t technical or demanding. In fact, many of these jobs require lots of travel (for on-site inspections), and a solid working knowledge of a wide array of security devices and concepts.
What this job does:
The other half of the “DFIR” team. When a breach or major security event occurs, this person coordinates the response and recovery teams, establishes a timeline of what happened, and figures out how to respond to it with the aid of other security roles, management, lawyers, and IT. Incidents can vary from data breaches to malware outbreaks, to phishing or APT response.
Where are the jobs:
Medium to large organizations, security contractors who provide DFIR services.
What gives a candidate an edge:
This job requires good analytical, organizational, and communication skills. Candidates need to be able to work well under high pressure and high stress situations at odd hours. This is not a job for people who don’t like to manage a project or a team, or report to senior leadership. Good certifications to have are GCIH and CISSP.
Avoid this trap:
Taking an incident response role when you aren’t comfortable taking charge and maintaining control of a situation, or writing extensive formal reports. You must have self-confidence and leadership skills to fulfill this role..
Remember that hacking takes a lot of time but its also rewarding, so be willing to go the extra mile, always be curious and expect to make some sacrifices to your social life.
Find a person, mentor or a friend that’s also in the hacking culture and ask them questions, question their thinking and just ultimately be prepared to take in as much information as possible.