Getting started in pentesting!!!
You also want to get started with pentesting & hacking? There are thousands of guys want to get started with pentesting and hacking but they don't have any clue that where they should start. So i quickly wrote this articles so that you can get started very easily without any confusion.
NOTE: Hacking is a long way since it is a research. You need to change your mind completely and be 100% serious that you will start studying to be a hacker or a pentester. If you want to hack for temporary fun, inspire your friend then being a script kiddie is okay(Keylogger and RAT). This is not possible to learn hacking in few months , it may take 3-10 years to be a good one. So you take one option of 1.Become Script Kiddie , 2. Become professional pentester or hacker, security researcher. Up to you!!!
Basic
1. Basic of Networking: Understanding of networking really important since everything we need to do over network. So you should have a good understanding of tcp/ip and OSI models.
2. Programming: Programming is very important for being a hacker or pentester. Because we must know how a program and system really works. Also Without programming skills it is hard to find a vulnerability. Most important languages you should learn are:
Python.
C/C++
Assembly
PHP
Intermediate
1. Become A System Administrator: Yes, you need to be a system administrator of Linux and Windows both. If you can't be a good system administrator then it is not possible to be a good pentester.
2. Writing codes: Write basic code. You don't need to be software developer. But programming is the best weapon to solve your problem. For example, You want to complete a task automatically(such as deleting a file), Checking hundreds of file permission etc. So write codes!!! Maybe 10-50 lines of codes can do very powerful work for you.
3. Read some online articles, resource:
4. Try to go deeper of the Operating System: Yes, Understand the internal of OS(Windows,linux). If you want to be hacker then you need to know the Operating System very well.
Intermediate+
1. Virtualization : Get vmware workstation or virtual box . Install various operating system such windows xp,7, redhat,debian etc. Install some additional software and run your port scanner, vulnerability scanner etc.
2. Old Application and known vulnerability: go to exploit-db.com and get some vulnerable application. Install them on your vm and re-create the exploit. Use your debugger and knowledge. You should install various software including Web or system software. You may get owasp "broken web application".
3. Pentesting distro: Install Kali(Backtrack) Linux and use the tools against your vm.
4. Hack: Hack yourself and hack the vm before going to real world.
Advance
You will understand when you are need of advance knowledge and what is meaning of "advance".
There are lots of things you need to become a successful hacker. Everything can take 1,2 or 3 even more years. You need to be patience and serious about hacking. It is not possible to hack or we can't learn to hack within few days. Just keep going until success and the success will be waiting for you :). Various Books on pentesting is really really very helpful. I will write another new post with review of some books to learn hacking more quickly.