Alright so it's been a long time since I've written my original guide on becoming a hacker. I've been through the wringer and learned a thing or two here and there. There was some stuff I had on my last guide that was right, and a lot of shit that was just flat out wrong. I wanted to really re-write this and hope people truly get something good out of it. This updated version is written with experience, and I am certain that with it you will either decide if this is truly for you, or if you want to get the fuck out. Also after many years, I'm going to drop the whole philosophy bullshit. Hacking is like an act of violence, you are intentionally wanting to cause harm to someone else, doesn't matter who suffers, that's all there is to it, and nothing further from that. So let's begin.
[ + ] Starting Off
You came here because you want to learn how to hack. No, correction, you came here because you think you want to learn hacking. But first I want to warn you of the dangers of thinking you want to learn hacking.
I have been through a lot in my life, I would say I'm a bit of a polyglot in many fields. I've extensively studied (highly in depth for all) video game development, data engineering, machine learning, 3D artistry, networking. And now my recent endeavor has been a stronger focus on hacking. And I have to say out of all the things I previously listed, hacking has got to be the most infuriating, most evil, most psychologically taxing thing I have ever done in my entire life. It is very hard, and after wasting nearly half a year on and off on it, I am left a miserable, angry wreck.
The very first thing you should know about hacking is that this field will in fact drive you mad, crazy, possibly even scar you emotionally, belittle you and destabilize your hopes for the future. Right now, you may not be able to tell from the tone of how I am writing this, but I am extremely pissed the fuck off, tired, and confused. And writing this is like my escape from the misery that is learning how to hack. In this field you will also have to learn to take many losses, and what I mean about that is an overwhelming sense of defeat because you will for sure lose while learning.
You probably overlooked the comment I made about hacking and psychology. I hope you didn't, because I'm dead fucking serious. This field is meant to fucking break your ego to bits. Down to the point where you realize at some point something you once valued, will no longer have meaning. I want to preface this that if you suffer from depression, or some disorder where feeling defeat makes you feel worse, then you need to get the fuck out of this website right now and find something else to give you a sense of meaning. I'm not even playing about that. On top of that, to learn this stuff, you will be terminally online in your computer doing and working on shit so if you feel like you don't have a significant amount of time to spend your fucking days off being in front of a god damn computer screen for hours, then you're at the wrong place and need to leave this website. This is not a good thing to begin learning if you are a family man, or anything of that nature.
[ + ] A Message for Teenagers
Additionally, if you are a teenager, I highly recommend you fuck off and find something else to do, as this is not going to get you laid, I promise that the only thing this will do is fuck up your social skills from being developed. Not long ago, I was in a discord where hackers gather and this fucking guy comes into chat posting a screenshot of his chat dm with one of his discord friends, and the conversation pretty much just shows his friend trying to reach out to this fucking degenerate loser idiot with no social skills, laughs it off complaining that this guy keeps bothering him at the worst times. So I point out to him that he has shit social skills, and doesn't know how to talk to people. He asks me then, what should he do? I told him "Instead of ignoring him, tell him that he's calling you at the worst times, but you'll go talk to him later tonight." He replied back "That worked." Well yeah no shit you fucking dipshit.
This guy I am talking about to you right now, is no ordinary person, he is a high ranking hacker who has more credibility than I do. But as you saw, he's completely oblivious to the idea that when you ignore someone who is trying to reach out to you, you are basically dehumanizing them. Little things like that you learn through socializing, talking, making friends, going out in the world, etc. So you see, you don't want to become whatever that fucking guy was. A socially inept idiot will not survive society. And unfortunately, many hackers I've come across (not on Soldier X) are like these fucking idiots. Don't be like this, if you are a teenager, you are still young and have more to look forward to in life. Your pre-frontal cortex doesn't stop developing until the age of 25, where by that point your personality is pretty much ingrained in your system, it's part of the reason why I don't recommend people start drinking until that age. But yeah the last thing you want to fucking do is end up a terminally online anti social basement dweller, or worse. Get the fuck outside, go skating, go learn to make art, hell even go play dungeons and dragons, but DO NOT waste your fucking youth away crammed on a computer screen. If you have to just go learn to work with your hands get into plumbing or fixing cars that sorta shit, but don't waste your time on computers (beyond learning how to build one of course).
[ + ] A Message for a Dying World
Talking about the anti social nature of hacking, leads me to talk about a growing problem that is also arising within the society. And this is for all the fucking teenagers who decided to keep reading this shit. I know you little shits don't like to listen when someone tells you to not jump off a cliff so I have to further the point greatly now. AI has become a real fucking problem from a social standpoint. People in society have become so fucking obsessed with technology that they have forgotten how to socialize. AI has only helped with masturbation. Before you would have anxiety, now it's full on take my hand and guide me through life. Like fuck me, when I think about it, I only think about how brain dead people have become. It's gotten so bad that teenagers don't even know how to talk to people anymore. I've approached some people once in a while and they can't even turn their head to look at you, because they were never educated in manners, or they have zero survival instincts, or fuck it, I'll just say it, their fight or flight response just kicks in when someone they don't know starts talking to them. And then one little fucking multi billion dollar company creating the masturbator machine makes an advertisement displaying the phenomenon:
In the video Google shows, how this girl cannot communicate to her friends that she doesn't wanna hang out with them, and it's so accurate. This is sad and pathetic honestly this is what technology has done. If I didn't go through great effort to fix my flaws I would've been like that fucking girl who can't even tell her friends she don't wanna eat fucking food with them. It's sad it really is. We, as a society have been so fucked by technology that now everyone is afraid of how they appear to the rest of the world.
With respect to AI, the tool is never the issue, in fact its use in hacking is something to behold. But in all honesty it is like a car or a gun. You can do bad things with either, whether something bad occurs, is up to the hands that hold the tool.
[ + ] Prerequisites
Alright time to get to work, hopefully you're not some teenager. I hope I've communicated the psychological aspect that comes with hacking thoroughly, as well as the dangers of being terminally on the internet. If you have decided to go through, you've been warned.
Before you start the rest of this guide, if you do not like to read a lot, you need to leave this website, or the field of hacking altogether.
I cannot stress this enough. You may make a mistake of going through the rest of the guide, not knowing what lies in the end, and surprise this is what you will be doing about 85% of the time you are hacking. So if you're not into something like book reading or reading academic studies, or things of that nature, you will waste a ridiculous amount of time (70-90 days) learning the basics only to realize you've been stumped into something you hate.
Before you start learning hacking, you will need one skill to start off, and it's networking.
There are no ifs or buts, you have to go through it whether you like it or not. It also goes without saying that you will also want to get acquainted and get comfortable with using Linux and Windows, and by that I mean understanding a lot (not the whole thing), but enough experience to the point where you can understand how to read permissions, look for files through a system using find on Linux or PowerShell on Windows, and have a good understanding of how these systems work internally. These are essential. I am not going to suggest to you resources for understanding both operating systems. On that you are on your own. I will however point you to my favorite course where I initially learned networking, hell with it you can take the Network+ exam if you feel cocky enough so here it is:
Mike Meyers actually makes learning networking fun and engaging. I don't think he has a lab where you can practice setting up routing protocols and other things like that, but Cisco's packet tracer which you can download from NetAcad should be good enough and easy to work with his examples throughout the course.
Now this is my suggestion, it's not a requirement (well actually it will be later down the line), but you should get skills in Web Development. Specifically you want to target the trinity of HTML, CSS, JavaScript, you also really want to learn PHP if you can, why PHP? Because roughly 75% of the internet runs on it. Additionally not required but suggested, you want to have some skill with various RDBMS (Relational Database Management System), more particularly you want to get skilled in one that the industry uses a lot (currently MySQL and Oracle Database), as it will help down the line with SQL injections and understanding them. Again these things are not required to start hacking, but they will definitely help you a lot. And when I say learn I don't mean learn them thoroughly, just having a good grasp on how to read and work with both things is good enough.
[ + ] Starting with hacking
To start with hacking you will need an academy/school to teach you. In ye olde times you wouldn't have these programs, but today they exist, and you can use them to learn, and will become a valuable resource in your journey. There's a few schools you can go through, the one I went to is HackTheBox, who initially started off as a site where you had to break into by hacking into it, and is now a fully fledged learning platform. The others are great and my honest recommendations.
HackTheBox - Very aggressive, little hand-holding, will throw you off a cliff
Try Hack Me - A lot of hand-holding, easier to get through basics, will throw you off a cliff later
Pwn.Academy - Basically a college course, it's free and can get you through the basics
Offsec's Pen-200 - If you have a lot of money, this is the industry standard, it's honestly not bad from what I hear, it prepares you for OSCP.
Hack Academy - I don't know these guys but I like to get my news from them sometimes. Specifically tailored for OSCP.
Each platform is tailored specifically for your improvement as a hacker. In fact I would say if I were new (which I am at the time of writing this), I would take pwn.college along with one of the other four, because there's stuff that is not taught in there that the other platforms don't dive deep enough into like reversing.
I should make a disclaimer that this is only to begin. You can become a pentester or bug bounty hunter, or whatever it doesn't matter, in the end hacking is just hacking.
Additionally, no matter what, every form of hacking out there except for reversing, will come from a website. So one other mention I should point out is related to everyone's favorite web proxy (Burp Suite), and it's PortSwigger Academy:
You go to this after you completed one of the paths in the academies mentioned previously. About 85% of your time will be spent on doing web attacks in order to break into a network. One more resource I can point out for learning how to write malware is maldev academy, you go through this after you learned how to program in Nim and C with the Win32 API and POSIX Syscalls (trust me you want to do it after you learned those things):
[ + ] After you finish school
After you finish school, it is time to engage in CTF challenges. The academies I presented from before have lab environments where you can actually practice CTF challenges. But in reality they were never real, they were only a means to teach you the basics. Certain platforms will curate challenges for active and seasonal boxes, and it is your job that you go through these challenges to understand actual hacking.
CTF is where the big boys play, and it's where you're going to suck the most when you start. Everything in this field is dictated as a skill. Hacking is a skill, you learn by trial by fire. I'm sure you already knew that and are asking why I'm stating the obvious. The reason why is because it leads into my next point, the other skills you need in order to learn, the hidden ones that keep you from being great at this or completely sucking at it.
I'm going to be real with you. Certifications for hacking eventually become dusted trophies. Technically I would compare their value to just being paper weight in the grand scheme of things, the reason why is because as you go through CTF challenges, you will realize that everything you learned in the academy is going to be mostly worthless, especially as you get closer and closer to real world scenarios. So if you got a certification, good for you, pat yourself on the back, if you didn't or failed an exam, then don't worry it's not a reflection of how your future is going to look like as a hacker (unless you decide to quit), again it's just paperweight, not the real deal, the real world ain't in those certs.
[ + ] Approaching CTF
Approaching CTF challenges is a skill, CTF challenges also teach you skills indirectly. They're basically soft skills, nothing explicit, instead the moral or lesson in each box you hack is built from a story and you have to be analytical about what the actual lesson is. You will discover that hacking is not rooted in your ability to know how to use the tools that you are taught how to use, but how to think about solving the problem. A strategy if you will.
Now, I've asked some folks regarding the matter of how one should approach CTF challenges. In essence, CTF challenges are either in season or out of season. Starting off you want to start with out of season boxes, as they will build the foundation of TTPs (Tactics Techniques and Procedures) that you will need in order to advance. Additionally out of season machines will have writeups for them where you can learn how hackers rooted them. You should expect to spend at minimum a time frame of about 6 to 8 months on these out of season CTF challenges (and I'm at like week 2 now as of writing this).
But something that is not often talked about is how to actually learn with CTF challenges, which is really important and none of the academies listed will teach you. So I will teach you.
When it comes to hacking, what you must understand is the thought process you are taking, not the hack itself.
Basically a CTF challenge will teach you a new technique for hacking. Whether or not you can integrate it into your memory, depends on how well you have understood the thought process behind the technique. The question you should be asking after each CTF challenge you look at the writeup for is:
If I were to give myself this box to attack on my own blind, without ever seeing it, would I be able to complete it? If not, what do I need to learn more about or adopt to my routine so that I can root it?
This all sounds super simplistic in nature, but the reality is that I've dumbed it down for you. In reality it's a lot harder than it appears, because you can forget over time what it was you did and so on. You will learn about new tools and software you don't know about as you attack and as you engage in levels of frustration trying to hack something.
Most of the time you are hacking CTF, there will be something you won't know about. And this is actually where the reality of hacking kicks in:
Most of the time you are hacking something, you will have to engage in reading long and terse documentation for software, languages, and libraries apart from reading the writeups.
A person I consider my former mentor, who I have to give a shoutout to (he was on this platform, I have no idea what happened to him), used to tell me a long time ago when I was a lazy fuck that I need to read the documentation. My stupid ass just shrugged it off when I shouldn't have. But essentially, these writeups for the CTF challenges will teach you some TTPs, but it is your job to read the documentation for the things you don't know about. And the amount of reading you have to do is a FUCK YOU level of reading.
[ + ] Navigating a thought process
I want to give you an overview of how to navigate a thought process, I really like my academy, HackTheBox, in particular an individual named ippsec who frequently uploads CTF challenges from HTB onto YouTube. And by watching his videos often he will explain some of his thought process behind what he's doing to get root on these machines. It can help but it's not the be all and end all of thought processes.
As an example, I want to go over a recent machine I just worked on called Soccer. The machine deals with a website that can be broken into with weak credentials, but to actually get a foothold requires a lot of work that you won't know about. So let's assume a point of reference: I have explored the first vhost, and I got into a file manager within a hidden directory I had fuzzed out. With the file manager, I uploaded a PHP webshell, that I then queried to get into the system (don't worry if you don't understand any of this).
Now that I'm in the system, I have no idea what to do. I am currently the wrong user (www-data), because www-data is just a user that exists for the sole purpose of managing the server hosting platform. So what do I do? Well if I recall correctly, I had done an nmap scan that revealed some hidden HTTP based service on port 9091. Given that the hosting server is Nginx (pronounced engine X), I should look for and see how I can find out where to look for configuration files (this particular thinking is something that comes over time with experience). So I go over and I learn about Nginx in their official documentation here:
So I read through it, and I figure out where the default configuration file is, I also learn how Nginx runs by having a master process that controls what are essentially slave processes, and so on. So off I go and inspect the config file for Nginx on my system. So I look at it, but what happens is that there's nothing on it. FUCK! A dead end. So what happens next is through sheer intuition, I recall that my operating system is Ubuntu, so maybe, what if there's a specific way to configure websites hosted in Nginx with Ubuntu? So through the power of google dorking I see and stumble on this website from Ubuntu regarding Nginx:
Ubuntu's guide on Nginx configurations
And I see a new directory that holds where all the vhosts are, /etc/nginx/sites-enabled/, so what do I do? I go to that directory and see two config files, one for the vhost I'm currently getting a shell on, and the other where the mysterious 9091 port resides. I then add the vhost into my /etc/hosts file in my attacking machine and proceed to hack the rest of that vhost in order to get the user account I need to SSH into the system with.
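Seen from the server owner's side, the step above worked because the vhost files in /etc/nginx/sites-enabled/ could be read from a www-data shell, and one of them described a service on port 9091. The script below is an added example, not part of the original guide: it inventories the vhosts in such a directory, notes which files any local account can read, and flags listen ports outside an expected list. The sample configs and hostnames are constructed, and the function names are made up for this example.

```bash
#!/bin/sh
# Added example: audit an nginx vhost directory (e.g. /etc/nginx/sites-enabled).

# nginx_vhost_inventory DIR
# Prints one line per config file: "<file> ports=<p,...> names=<n,...> <mode>"
nginx_vhost_inventory() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        # -L follows the usual sites-enabled symlinks; -perm -004 means the
        # "other" read bit is set, so a compromised www-data can read the file.
        if [ -n "$(find -L "$f" -prune -perm -004 2>/dev/null)" ]; then
            mode=world-readable
        else
            mode=restricted
        fi
        awk -v file="${f##*/}" -v mode="$mode" '
            function add(list, item) { return (list == "" ? item : list "," item) }
            { sub(/#.*/, "") }                          # drop comments
            $1 == "listen" {
                p = $2; sub(/;$/, "", p); sub(/^.*:/, "", p)   # addr:port -> port
                if (p ~ /^[0-9]+$/ && !seen[p]++) ports = add(ports, p)
            }
            $1 == "server_name" {
                for (i = 2; i <= NF; i++) {
                    n = $i; sub(/;$/, "", n)
                    if (n != "") names = add(names, n)
                }
            }
            END {
                printf "%s ports=%s names=%s %s\n", file,
                    (ports == "" ? "-" : ports), (names == "" ? "-" : names), mode
            }
        ' "$f"
    done
}

# unexpected_listeners DIR ALLOWED_PORT...
# Prints the inventory lines that listen on a port outside the allowed list.
unexpected_listeners() {
    dir=$1; shift
    nginx_vhost_inventory "$dir" | awk -v allowed="$*" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        {
            ports = $2; sub(/^ports=/, "", ports)
            m = split(ports, p, ",")
            for (i = 1; i <= m; i++)
                if (p[i] != "-" && !(p[i] in ok)) { print; break }
        }'
}

# Constructed sample: a public vhost and an internal one on port 9091.
make_sample() {
    d=$(mktemp -d)
    printf 'server {\n    listen 80;\n    listen [::]:80;\n    server_name www.example.test;\n}\n' > "$d/default"
    printf 'server {\n    listen 9091 default_server;  # internal service\n    server_name internal.example.test;\n}\n' > "$d/internal"
    chmod 644 "$d/default" "$d/internal"
    echo "$d"
}

sample=$(make_sample)
nginx_vhost_inventory "$sample"          # full inventory
unexpected_listeners "$sample" 80 443    # only the 9091 vhost is reported
rm -rf "$sample"
```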
---
[ + ] Epilogue
So that's it. The guide on how to start all of this shit. I did forget to mention the importance of programming languages, it comes much later in your journey, once you are up to the point where you are writing tools and exploits to use on your own. Also reversing is technically hacking, and is critical to know for finding Zero day exploits, but that will come over time. The best resource I've found for learning reversing is Yurichev's guide on reversing:
Yurichev's Guide (you can buy the book on his website in the description)
He has a discord where other reverse engineers gather, it's an unsurprisingly small number of people, it's also worthwhile to note a brilliant guide on ASM 64 bit, for that I always go to his website and buy it.
Again this is for much later once you get really good at what you do. Some other honorable mentions book-wise (I don't want to include links for these) are from No Starch Press, you can find their site online easily:
Bug Bounty Hacker's Handbook (worthwhile especially if you only went through pwn.academy)
Evading EDR
The Linux Programming Interface
Effective C
Introduction to System Programming (not out yet)
C++ Crash Course
Black Hat Go
Practical Malware Analysis (amazingly still relevant)
I haven't read them all as I've been busy with CTF and HTB in general. But they're good books to look at.
[ + ] Illegal Hacking
Also I want to sort of end this by making a comment on blackhat hacking. When you're engaging in it you're going to be at the root of the tightest security companies have to offer these days. I know of places where you can buy tools to hack certain websites and things in the dark web, but I will never share them with you, so do NOT fucking ask me about it, I have never used them nor do I encourage their use. You are taking great risks by going through the endeavor.
A problem with modern security systems is that you will be subjected to tighter and tighter restrictions in Infrastructure (hence why I mentioned Evading EDR earlier as a book to read), modern problems as they say require modern solutions, if you're good enough you'll figure it out. Last night before writing this, a user who I accredit the information to named m0n0chr0m3b34r (I don't believe he engages in illegal acts) detailed that people who are new tend to run nmap scans, and that when you run a SYN scan on a sensitive part of an internal network, you will trigger alarms on many corporate infrastructures. It's very easy to get caught if you don't fully understand what you are doing, and often times people who are new will fall for these traps without knowing.
If you are caught hacking you should be aware of the consequences you face:
Basic Hacking - Can get you up to 5 years in prison per offense.
Causing Damage - Can get you up to 10 years in prison per offense.
Repeated Offenses - Can get you up to 20 years in prison per offense.
Knowing these numbers, you should have a good lawyer and escape plan in case things go south. And whatever you do as my mentor said YOU KEEP YOUR FUCKING MOUTH SHUT. Remember these numbers are just rough estimates, more than likely you won't get that many years and even be placed on probation (we have had some members in SX who went through this so feel free to ask around for advice from them, even the creator of this site went to jail for hacking but I don't know if he's around anymore). Whatever you do, DO NOT SNITCH. Talking to police can lead to even bigger problems once you leave the prison system. Make sure you thoroughly understand the first 10 amendments of the constitution, known as the Bill of Rights. One of those rights, particularly the 5th, allows you to be silent so you don't further incriminate yourself.
Police interrogations are tailored with specific tactics they use to psychologically break you, there are many videos on YouTube explaining their tactics from things like mimicking body language to get you to talk. If you never open your mouth they will never get anything from you. So just keep it in your best interest that you do the time if you get caught. Blackhat work is very rough and high risk, but the payout is indeed great (I've gathered this from Jack Rhysider's stories https://www.youtube.com/@JackRhysider ). But usually it comes at a heavy cost.
And the last thing I can say is don't talk about what you do to anyone. Not even other inmates. Not even relatives (your pets are fair game). Look you just cannot trust anyone. Even the people you work with can rat you out. There are snitches in jail that don't get stitches, and go unnoticed. And to be fair most of the hackers that were caught, they were caught because most of them posted their kills on social media. So it's paramount you learn to stay and be anonymous. I frankly am not going to help you with that.
[ + ] The End
I want to end this by giving a shout out to what I consider my mentor, he goes by the nick of Shinobi, but he's not around anymore, many thanks for implanting the seed those many years ago back when I was in college.
I also wanna thank m0n0 for his input and CATWatch for continuing to host this site to this day. Peace.