Stupid question I know, but how do I start? Someone told me to download gentoo for linux, but I don't know which to download and it's hard cri
Is this bait
learn python
learn exploits
learn networking
script exploits with python
Now you can hack into systems.
next learn C and build malware. How? Ask your self: "What do I want to do with the computer I take over?" Want to steal their passwords/info? Keylogger/screen scraper. Want to use their computers resources? Write a program that connects to a server to take your commands. Make it do whatever you want.
Then there is ransom ware: just compress and encrypt your vistims data and make them pay bitcoin to decrypt it (you would want to target a small business).
If you're really smart, you'll build a worm, which is basically smart malware that spreads its self.
dont worry man esr has made a handy guide
http://www.catb.org/esr/faqs/hacker-howto.html
>>58933666
>stupid question
there are no stupid questions
jk you're retarded
>>58933759
>learn exploits
how?
>>58933807
same way you learn anything. google it, see what people have done before you, and figure out how their stuff works. then build something yourself.
>>58933666
Step 1:
hackertyper.net
Step 2:
F11
Step 3:
start hacking
>>58933807
https://cve.mitre.org/
>>58933807
Just look them up. Lots of websites run un-patched versions of software (apache/IIS/nginx/wordpress/mysql/etc). You can use programs like nmap to figure out what versions of server software and OS a website is running. You can scan all their ports and find software running that they may not even know about.
If you want to find exploits your self you're probably too stupid for that. Lots of people attempt mysql (database) exploits by sending SQL queries to input boxes on websites and seeing what happens, Look into fuzzing too. Fuzzing is where you send random information to a program to try to break it and make it dump sensitive data. Learn how the heartbleed exploit works.
>>58933830
Googling "exploits" gives me the definition of the word exploit.
Googling "list of exploits" gives me exploit-db which makes no sense at all and I assume is geared towards security pros who already know what an exploit is and how they work. Most of the stuff in there is undecipherable for someone who only knows Python.
>>58933846
I have no idea what I'm looking at.
>>58933973
>only knows Python
If you really want to be able to break (into) systems, you have to know how they work. People who are good at that stuff have immense amounts of knowledge and understanding on how systems are built.
Learn TCP/IP, UDP, HTTP, C, x86/ARM, Linux internals, bash scripting, PHP and basic cryptohraphy. Learn to use the basic tools that pentesters use (netcat, nmap, SSH, openssl, telnet, metasploit, and so on). Run a server yourself and try to break into it. Read books on the subject. Watch DEFCON talks. Follow infosec blogs.
>>58933666
First learn the fundamentals of computing. Networking, some basic coding, etc
Then figure out what kind of hacking you wanna do and study it. Some examples of specializations might be network devices, reverse engineering, binary exploitation, and more.
Cyber security is such a big field.
From website hacking, db hacking, binary exploitation, kernel hacking, network hacking, to hardware hacking, and so much more. And what I have mentioned themselves have tons of fields, take binary exploitation for example - you got to bypass stack canaries, ASLR, DEP, anti ROP, buffer overflows, logic bugs, debuggers, static analyzers, understand C, x86, x64, OS architecture. But wait there's more, OS architecture itself composes of many fields that need exploitation from page tables, RWX mem, usermode shellcode to kernel, anti-debuggers, OS kernel and many more. But oh boy, it gets deeper if you want a privesc than you need to understand how e.g. the Windows kernel works - then you need to use complicated tools like WinDbg, Ida, find undocumented kernel structures, and it goes on.
It's not an easy task.