How To Become a Master Hacker
Many of my aspiring hackers have written to me asking the same thing. "What skills do I need to be a good hacker?"
As the hacker is among the most skilled information technology disciplines, it requires a wide knowledge of IT technologies and techniques. To truly be a great hacker, one must master many skills. Don't be discouraged if you don't have all the skills I list here, but rather use this list as a starting ground for what you need to study and master in the near future.
This is my overview list of required skills to enter the pantheon of this elite IT profession. I've broken the skills into three categories to help you go from one rung to the other more easily fundamental, intermediate, and intangible skills and have included links to related articles on HackLikePro for you to get acquainted with.
Many of my aspiring hackers have written to me asking the same thing. "What skills do I need to be a good hacker?"
As the hacker is among the most skilled information technology disciplines, it requires a wide knowledge of IT technologies and techniques. To truly be a great hacker, one must master many skills. Don't be discouraged if you don't have all the skills I list here, but rather use this list as a starting ground for what you need to study and master in the near future.
This is my overview list of required skills to enter the pantheon of this elite IT profession. I've broken the skills into three categories to help you go from one rung to the other more easily fundamental, intermediate, and intangible skills and have included links to related articles on HackLikePro for you to get acquainted with.
๐ฐ These are the basics that every hacker should know before even trying to hack. Once you have a good grasp on everything in this section, you can move into the intermediary level.
โถ The Fundamental Skills โ
Basic Computer Skills
Networking Skills
Linux Skills
Wireshark or Tcpdump
Virtualization
Security Concepts & Technologies
Wireless Technologies
โถ The Intermediate Skills โ
Scripting
Database Skills
Web Applications
Forensics
Advanced TCP/IP
Cryptography
Reverse Engineering
โถ The Intangible Skills โ
Think Creatively
Problem-Solving Skills
Persistence
โถ The Fundamental Skills โ
Basic Computer Skills
Networking Skills
Linux Skills
Wireshark or Tcpdump
Virtualization
Security Concepts & Technologies
Wireless Technologies
โถ The Intermediate Skills โ
Scripting
Database Skills
Web Applications
Forensics
Advanced TCP/IP
Cryptography
Reverse Engineering
โถ The Intangible Skills โ
Think Creatively
Problem-Solving Skills
Persistence
๐ฐ The Five Phases of Hacking ๐ฐ
โฉThe five phases of Hacking are as follow:
1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Covering Tracks
โฉThe five phases of Hacking are as follow:
1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Covering Tracks
๐ฐ Reconnaissance:- ๐ฐ
โฏ This is the primary phase where the Hacker tries to collect as much information as possible about the target. It includes Identifying the Target, finding out the target's IP Address Range, Network, DNS records, etc.๐
โฏ This is the primary phase where the Hacker tries to collect as much information as possible about the target. It includes Identifying the Target, finding out the target's IP Address Range, Network, DNS records, etc.๐
๐ฐ Scanning:- ๐ฐ
โฏIt involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase can include dialers, port scanners, network mappers, sweepers, and vulnerability scanners. Hackers are seeking any information that can help them perpetrate attack such as computer names, IP addresses, and user accounts.๐
โฏIt involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase can include dialers, port scanners, network mappers, sweepers, and vulnerability scanners. Hackers are seeking any information that can help them perpetrate attack such as computer names, IP addresses, and user accounts.๐
๐ฐ Gaining Access:- ๐ฐ
โฏ After scanning, the hacker designs the blueprint of the network of the target with the help of data collected during Phase 1 and Phase 2. This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network (LAN, either wired or wireless), local access to a PC, the Internet, or offline. Examples include stack based buffer overflows, denial of service (DoS), and session hijacking. These topics will be discussed in later chapters. Gaining access is known in the hacker world as owning the system.๐
โฏ After scanning, the hacker designs the blueprint of the network of the target with the help of data collected during Phase 1 and Phase 2. This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network (LAN, either wired or wireless), local access to a PC, the Internet, or offline. Examples include stack based buffer overflows, denial of service (DoS), and session hijacking. These topics will be discussed in later chapters. Gaining access is known in the hacker world as owning the system.๐
๐ฐ Maintaining Access:- ๐ฐ
โฏ Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.๐
โฏ Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.๐
๐ฐ Covering Tracks:- ๐ฐ
โฏ Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files.๐
โฏ Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files.๐
๐ฐ Information Gathering ๐ฐ
Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system.
Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system.
๐ฐ Footprinting ๐ฐ
Footprinting is basically the first step where hacker gathers as much information as possible to find ways to intrude into a target system or at least decide what type of attacks will be more suitable for the target.
โDuring this phase, a hacker can collect the following information โ
โดDomain name
โดIP Addresses
โดNamespaces
โดEmployee information
โดPhone numbers
โดE-mails
โดJob Information
โโ @HackWorm โโ
Footprinting is basically the first step where hacker gathers as much information as possible to find ways to intrude into a target system or at least decide what type of attacks will be more suitable for the target.
โDuring this phase, a hacker can collect the following information โ
โดDomain name
โดIP Addresses
โดNamespaces
โดEmployee information
โดPhone numbers
โดE-mails
โดJob Information
โโ @HackWorm โโ
๐ฐ Maltego๐ฐ
So much information exists online that it's easy to get lost in data while researching. Understanding the bigger picture can take a lot of time and energy, but narrowing the question to one that's easy to answer is the first step of any investigation. That's why analysts use open-source intelligence (OSINT) tools like Maltego โ to help refine raw data into a complete understanding of a situation.
So much information exists online that it's easy to get lost in data while researching. Understanding the bigger picture can take a lot of time and energy, but narrowing the question to one that's easy to answer is the first step of any investigation. That's why analysts use open-source intelligence (OSINT) tools like Maltego โ to help refine raw data into a complete understanding of a situation.