2 Networking Skills
You need to understand the basics of networking, such as the following.
- DHCP
- NAT
- Subnetting
- IPv4
- IPv6
- Public v Private IP
- DNS
- Routers and switches
- VLANs
- OSI model
- MAC addressing
- ARP
As we are often exploiting these technologies, the better you understand how they work, the more successful you will be. Note that I did not write the two guides below, but they are very informative and cover some of the networking basics mentioned above.
- Hacker Fundamentals: A Tale of Two Standards
- http://null-byte.wonderhowto.com/news/hacker-fundamentals-tale-two-standards-0133727/
- The Everyman‘s Guide to How Network Packets Are Routed
- http://null-byte.wonderhowto.com/how-to/hacker-fundamentals-everymans-guide-network-packets-are-routed-across-web-0134491/
3 Linux Skills
It is extremely critical to develop Linux skills to become a hacker. Nearly all the tools we use as a hacker are developed for Linux and Linux gives us capabilities that we don‘t have using Windows.
If you need to improve your Linux skills, or you‘re just getting started with Linux, check out my Linux series for beginners below.
- Linux Basics for the Aspiring Hacker
- http://null-byte.wonderhowto.com/how-to/linux-basics/
4 Wireshark or Tcpdump
Wireshark is the most widely used sniffer/protocol analyzer, while tcpdump is a command line sniffer/protocol analyzer. Both can be extraordinarily useful in analyzing TCP/IP traffic and attacks.
- An Intro to Wireshark and the OSI Model
- http://null-byte.wonderhowto.com/how-to/spy-your-buddys-network-traffic-intro-wireshark-and-osi-model-0133807/
- Wireshark Filters for Wiretappers
- http://null-byte.wonderhowto.com/news/8-wireshark-filters-every-wiretapper-uses-spy-web-conversations-and-surfing-habits-0134508/
5 Virtualization
You need to become proficient in using one of the virtualization software packages such as VirtualBox or VMWare Workstation. Ideally, you need a safe environment to practice your hacks before you take them out in real world. A virtual environment provides you a safe environment to test and refine your hacks before going live with them
6 Security Concepts & Technologies
A good hacker understands security concepts and technologies. The only way to overcome the roadblocks established by the security admins is to be familiar with them. The hacker must understand such things as PKI (public key infrastructure), SSL (secure sockets layer), IDS (intrusion detection system), firewalls, etc.
The beginner hacker can acquire many of these skills in a basic security course such as Security+.
- How to Read & Write Snort Rules to Evade an IDS
- http://null-byte.wonderhowto.com/how-to/snort/
7 Wireless Technologies
In order to be able to hack wireless, you must first understand how it works. Things like the encryption algorithms (WEP, WPA, WPA2), the four-way handshake, and WPS. In addition, understanding such as things as the protocol for connection and authentication and the legal constraints on wireless technologies.
To get started, check out my guide below on getting started with wireless terms and technologies, then read our collection of Wi-Fi hacking guides for further information on each kind of encryption algorithms and for examples of how each hack works.
- Getting Started with Wi-Fi Terms & Technologies
- http://null-byte.wonderhowto.com/how-to/hack-wi-fi-getting-started-with-terms-technologies-0147659/
- The Aspiring Hacker‘s Guide to Hacking Wi-Fi
- http://null-byte.wonderhowto.com/how-to/wi-fi-hacking/
The Intermediate Skills
This is where things get interesting, and where you really start to get a feel for your capabilities as a hacker. Knowing all of these will allow you to advance to more intuitive hacks where you are calling all the shots—not some other hacker.
8 Scripting
Without scripting skills, the hacker will be relegated to using other hackers‘ tools. This limits your effectiveness. Every day a new tool is in existence loses effectiveness as security admins come up with defenses.
To develop your own unique tools, you will need to become proficient at least in one of the scripting languages including the BASH shell. These should include one of Perl, Python, or Ruby.
- Perl Scripting for the Aspiring Hacker
- Scripting for the Aspiring Hacker, Part 1: BASH Basics
- Scripting for the Aspiring Hacker, Part 2: Conditional Statements
- Scripting for the Aspiring Hacker, Part 3: Windows PowerShell
- The Ultimate List of Hacking Scripts for Metasploit‘s Meterpreter
9 Database Skills
If you want to be able to proficiently hack databases, you will need to understand databases and how they work. This includes the SQL language. I would also recommend the mastery of one of the major DBMS‘s such SQL Server, Oracle, or MySQL.
- The Terms & Technologies You Need to Know Before Getting Started
- Hunting for Microsoft‘s SQL Server
- Cracking SQL Server Passwords & Owning the Server
- Hacking MySQL Online Databases with Sqlmap
- Extracting Data from Online Databases Using Sqlmap
10 Web Applications
Web applications are probably the most fertile ground for hackers in recent years. The more you understand about how web applications work and the databases behind them, the more successful you will be. In addition, you will likely need to build your own website for phishing and other nefarious purposes.
11 Forensics
To become good hacker, you must not be caught! You can‘t become a pro hacker sitting in a prison cell for 5 years. The more you know about digital forensics, the better you can become at avoiding and evading detection.
- Digital Forensics, Part 1: Tools & Techniques
- Digital Forensics, Part 2: Network Forensics
- Digital Forensics, Part 3: Recovering Deleted Files
- Digital Forensics, Part 4: Evading Detection While DoSing
12 Advanced TCP/IP
The beginner hacker must understand TCP/IP basics, but to rise to the intermediate level, you must understand in intimate details the TCP/IP protocol stack and fields. These include how each of the fields (flags, window, df, tos, seq, ack, etc.) in both the TCP and IP packet can be manipulated and used against the victim system to enable MitM attacks, among other things.
13 Cryptography
Although one doesn‘t need to be a cryptographer to be a good hacker, the more you understand the strengths and weaknesses of each cryptographic algorithm, the better the chances of defeating it. In addition, cryptography can used by the hacker to hide their activities and evade detection.
14 Reverse Engineering
Reverse engineering enables you to open a piece of malware and re-build it with additional features and capabilities. Just like in software engineering, no one builds a new application from scratch. Nearly every new exploit or malware uses components from other existing malware.
In addition, reverse engineering enables the hacker to take an existing exploit and change its signature so that it can fly past IDS and AV detection.
The Intangible Skills
Along with all these computer skills, the successful hacker must have some intangible skills. These include the following.
15 Think Creatively
There is ALWAYS a way to hack a system and many ways to accomplish it. A good hacker can think creatively of multiple approaches to the same hack.
16 Problem-Solving Skills
A hacker is always coming up against seemingly unsolvable problems. This requires that the hacker be accustomed to thinking analytically and solving problems. This often demands that the hacker diagnose accurately what is wrong and then break the problem down into separate components. This is one of those abilities that comes with many hours of practice.
17 Persistence
A hacker must be persistent. If you fail at first, try again. If that fails, come up with a new approach and try again. It is only with a persistence that you will be able to hack the most secured systems.
I hope this gives you some guidelines as to what one needs to study and master to ascend to the intermediate level of hacking. In a future article, I‘ll discuss what you need to master to ascend into the advanced or master hacker level, so keep coming back, my novice hackers!