Note: I have not written this article and I take no credit for the gathering of links or Resources. The original post was posted here and I am just sharing that post in this blog.
Learning to become hacker is not as easy as learning to become a
software developer. I realized this when I started looking for learning
resources for simple hacking people do. Even to start doing the simplest
hack on own, a hacker requires to have in depth knowledge of multiple
topics. Some people recommend minimum knowledge of few programming
languages like C, Python, HTML with Unix operating system concepts and
networking knowledge is required to start learning hacking techniques.
Though knowing a lot of things is required, it is not really enough for you to be a competent and successful hacker. You must have a passion and positive attitude towards problem solving. The security softwares are constantly evolving and therefore you must keep learning new things with a really fast pace.
If you are thinking about ethical hacking as a career option, you may need to be prepared for a lot of hard/smart work. I hope these free resources will help you speed up on your learning. If you decide you pursue ethical hacking as a career option, you may also want to read some in depth ethical hacking books.
A lot of people (including me before doing research for this article) think that they can become a hacker using some free hacking tools available on web. Its true that some common types of hacking can be easily done with help of tools, however doing it does not really make you a hacker. A true hacker is the one who can find a vulnerability and develop a tool to exploit and/or demonstrate it.
Hacking is not only about knowing "how things work", but its about knowing "why things work that way" and "how can we challenge it".
Below are some really useful hacking tutorials and resources you may want to explore in your journey of learning to hack
Though knowing a lot of things is required, it is not really enough for you to be a competent and successful hacker. You must have a passion and positive attitude towards problem solving. The security softwares are constantly evolving and therefore you must keep learning new things with a really fast pace.
If you are thinking about ethical hacking as a career option, you may need to be prepared for a lot of hard/smart work. I hope these free resources will help you speed up on your learning. If you decide you pursue ethical hacking as a career option, you may also want to read some in depth ethical hacking books.
A lot of people (including me before doing research for this article) think that they can become a hacker using some free hacking tools available on web. Its true that some common types of hacking can be easily done with help of tools, however doing it does not really make you a hacker. A true hacker is the one who can find a vulnerability and develop a tool to exploit and/or demonstrate it.
Hacking is not only about knowing "how things work", but its about knowing "why things work that way" and "how can we challenge it".
Below are some really useful hacking tutorials and resources you may want to explore in your journey of learning to hack
Hacking For Dummies - Beginners Tutorials
These tutorials are
not really simple for anyone who is just starting to learn hacking
techniques. However, these should be simple starting point for you. I am
sure you have different opinion about complexity of each tutorial
however advanced hacker are going to be calling this a job of script
kiddie (beginner hacker). Even to acquire the skills of a script kiddie
you need to have good understanding of computer fundamentals and
programming.
- Cybrary - For those looking to learn ethical hacking skills online, Cybrary provides the perfect platform to do so. Cybrary is a free online IT and cyber security training network that provides instruction in the form of self-paced, easy-to-follow videos. Featuring courses on topics such as Penetration Testing and Ethical Hacking, Advanced Penetration Testing, Post Exploitation Hacking and Computer and Hacking Forensics, Cybrary provides instruction from the beginner to the highly-advanced level of hacking. Additionally, Cybrary offers supplemental study material along with their courses free of charge. With their in-depth training videos and study guides, Cybrary ensures that users develop the best hacking skills.
- Hacking Tutorials for Beginners - By BreakTheSecurity.com
- How to learn Ethical hacking - By Astalavista.com
- Penetration Testing Tutorial - By Guru99.com
- Backtrack Penetration Testing Tutorial
- Introduction to Penetration Testing
- Information Gathering with Nmap
- Simple How To Articles By Open Web Application Security
- The Six Dumbest Ideas in Computer Security
- Secure Design Principles
- 10 steps to secure software
Cryptography Related Tutorials
Cryptography is
must know topic for any aspiring security professional or a ethical
hacker. You must understand how encryption and decryption is done. You
must understand why some of the old encryption techniques do not work in
modern computing world.
This is a important area and a lot of software programmers and professional do not understand it very well. Learning cryptography involves a lot of good understanding of mathematics, this means you also need to have good fundamentals on discrete mathematics.
This is a important area and a lot of software programmers and professional do not understand it very well. Learning cryptography involves a lot of good understanding of mathematics, this means you also need to have good fundamentals on discrete mathematics.
- Introduction to Public Key Cryptography
- Crypto Tutorial
- Introduction to Cryptography
- An Overview of Cryptography
- Cryptography Tutorials - Herong's Tutorial Examples
- The Crypto Tutorial - Learn How to Keep Secret Secret
- Introduction to cryptology, Part 1: Basic Cryptology Concepts
Websites For Security Related Articles And News
These are
some websites, that you may find useful to find hacking related
resources and articles. A lot of simple tricks and tips are available
for experimenting through these sites for improving yourself to become
advanced hacker.
In recent years, many people are aspiring to learn how to hack. With growing interest in this area, a lot of different types of hacking practices are evolving. With popularity of social networks many people have inclined towards vulnerability in various social networks like facebook, twitter, and myspace etc.
Continuous learning about latest security issues, news and vulnerability reports are really important for any hacker or a security professional. Some of the sites that keep publishing informative articles and news are listed here.
In recent years, many people are aspiring to learn how to hack. With growing interest in this area, a lot of different types of hacking practices are evolving. With popularity of social networks many people have inclined towards vulnerability in various social networks like facebook, twitter, and myspace etc.
Continuous learning about latest security issues, news and vulnerability reports are really important for any hacker or a security professional. Some of the sites that keep publishing informative articles and news are listed here.
- http://www.astalavista.com/
- http://packetstormsecurity.com/
- http://www.blackhat.com/
- http://www.metasploit.com/
- http://sectools.org/
- http://www.2600.com/
- DEF CON - Hacking conference
- http://www.breakthesecurity.com/
- http://www.hacking-tutorial.com/
- http://www.evilzone.org/
- http://hackaday.com/
- http://www.hitb.org/
- http://www.hackthissite.org/
- http://pentestmag.com
- http://www.securitytube.net/
- https://www.ssllabs.com/
EBooks And Whitepapers
Some of the research papers by
security experts and gurus can provide you a lot of information and
inspiration. White papers can be really difficult to read and understand
therefore you may need to read them multiple times. Once you
understand the topic well, reading will become much faster and you will
be able to skim through a lot content in less time.
- Handbook of Applied Cryptography - This ebook contains some free chapter from one of the popular cryptography books. The full book is also available on amazon at Cryptography Book.
- Network Penetration testing Guide
- How to hack anything in Java
- Mcafee on iPhone and iPad Security
- A Good Collection of White papers on security and vulnerabilities - This site contains collection of white papers from different sources and some of these white papers are really worth referring.
- Engineering Principles for Information Technology Security
- Basic Principles Of Information Protection
- Open Web Application Security Project - OWASP is one of the most popular sites that contains web application security related information .
Videos & Play Lists
Those who like to watch video
tutorials, here are few I liked. However there are many small video
available on youtube. Feel free to explore more and share with us if you
like something.
- Cryptography Course By Dan Boneh Stanford University
- Open Security Training- Youtube Playlist of More than 90 hours. I have found this to be the biggest free training available for security related topic.
- OWASP AppSec USA 2011: Youtube Playlist containing compilation of OWASP conference highlight in 2011.
- Defcon: How I Met your Girlfriend - Defcon is one of the most popular hacker conference. The presenters in this conference are well know inside the hacking industry.
- Defcon: What happens when you steal a hackers computer
- Defcon: Nmap: Scanning the Internet
- Public Key Cryptography: Diffie-Hellman Key Exchange
- Web application Pen testing
- Intro to Scanning Nmap, Hping, Amap, TCPDump, Metasploit
Forums For Hackers And Security Professionals
Just like any
other area, forums are really great help for learning from other
experts. Hundreds of security experts and ethical/non-ethical hackers
are willing to share their knowledge on forums for some reason. Please
keep in mind to do enough research before post a question and be polite
to people who take time to answer your question.
- Stackoverflow for security professionals
- http://darksat.x47.net/
- http://forums.securityinfowatch.com/
- http://forums.cnet.com/spyware-viruses-security-forum/
- http://www.hackforums.net/forumdisplay.php?fid=47
Vulnerability Databases And Resources
Vulnerability
Databases are the first place to start your day as a security
professional. Any new vulnerability detection is generally available
through the public vulnerability databases. These databases are a big
source of information for hackers to be able to understand and
exploit/avoid/fix the vulnerability.
- http://www.exploit-db.com/
- http://1337day.com/
- http://securityvulns.com/
- http://www.securityfocus.com/
- http://www.osvdb.org/
- http://www.securiteam.com/
- http://secunia.com/advisories/
- http://insecure.org/sploits_all.html
- http://zerodayinitiative.com/advisories/published/
- http://nmrc.org/pub/index.html
- http://web.nvd.nist.gov
- http://www.vupen.com/english/security-advisories/
- http://www.vupen.com/blog/
- http://cvedetails.com/
- http://www.rapid7.com/vulndb/index.jsp
- http://oval.mitre.org/
Product Specific Vulnerability Information
Some
of the very popular products in the world require a special attention
and therefore you may want to look at the specific security websites
directly from vendors. I have kept Linux. Microsoft and apache in this
list, however it may apply to any product you may be heavily using.
- Red Hat Security and other updates Site
- Microsoft Products Security Bulletin
- Apache Foundation Products Security Repository
- Ubunut Software Security Center
- Linux Security Repository
Tools And Programs For Hacking / Security
There are
dozens of tools available for doing different types of hacking and
tests. Tools are really important to become more productive at your
work. Some of the very common tools that are used by hackers are listed
here. You may have different choice of tools based on your own comfort.
Summary
I have tried to compile some of these
resources for my own reference for the journey of learning I am going to
start. I am not even at a beginner level of becoming hacker but the
knowledge of this field really fascinates me and keeps me motivated for
learning more and more. I hope will be able to become successful in
this.
A lot of people use their knowledge skills for breaking stuff and stealing. I personally think that doing harm to someone is a weak choice and will not have a good ending. I would recommend not to use your skills for any un-ethical endeavor. A single misuse of your skill may jeopardize your career since most companies do a strict third party background check before they hire a ethical hacker or a security personal.
There are dozens of companies looking for ethical hackers and security professionals. There are really good number of opportunities in this area and its really niche compensation segment. You will be easily able to get a decent job without even acquiring all the expert level skills to become a pro hacker.
A lot of people use their knowledge skills for breaking stuff and stealing. I personally think that doing harm to someone is a weak choice and will not have a good ending. I would recommend not to use your skills for any un-ethical endeavor. A single misuse of your skill may jeopardize your career since most companies do a strict third party background check before they hire a ethical hacker or a security personal.
There are dozens of companies looking for ethical hackers and security professionals. There are really good number of opportunities in this area and its really niche compensation segment. You will be easily able to get a decent job without even acquiring all the expert level skills to become a pro hacker.
0 comments :
Post a Comment