General Hacking Knowledge
Is there any free web page (Google does not count) I can get the knowledge needed to get a Security Expert Certification or Ethical Hacker Certificate (or more)? I am not planning on taking one, I just want some knowledge on hacking.
EDIT: I have to redefine my request. I want to learn hacking techniques and how they work. I know some basic stuff, but I want to learn more advanced techniques.
[img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img] [img]http://www.hellboundhackers.org/forum/viewthread.php?forum_id=63&thread_id=15872[/img]
http://catb.org/esr/faqs/hacker-howto.html
This is the link that got me started. You need to really soak in what is being published.
After that, google will teach you everything you need to know. I would suggest picking up C++ or Python. If you choose python, get used to sockets, urlib, urllib2, and ctypes.
That should get you started.
spyware wrote: "hacking" doesn't quite cover what you have to know to hack. If you need a solid foundation, install linux and learn C and perl.
I know C++ and I installed Linux a month ago. I have edited my post, since you didn't quite understand what I meant.
techb wrote: http://catb.org/esr/faqs/hacker-howto.html
This is the link that got me started. You need to really soak in what is being published.
After that, google will teach you everything you need to know. I would suggest picking up C++ or Python. If you choose python, get used to sockets, urlib, urllib2, and ctypes.
That should get you started.
This is also the link that got me started, six months ago. I know C++ as mentioned above.
Well, after the edit your question makes much more sense :P It's still a bit broad, but I'll try to provide something useful:
-
Books, there are plenty. Some of them are more of entertainment than learning exact methods, but still very useful. Expensive too, unfortunately, but there's pirated PDF's for that if you can't afford the books. Although I find a actual book easier to keep with.
-
Exploit sites (Exploit-db, Milw0rm, packetstorm…), there are a lot of these sites, but it's cool to read through the vulnerabilities and such.
-
Papers - Some of the exploit sites have sections for papers, other than that I don't know of any specific sources to find many.
-
This OWASP database has an outline of the names of common web attacks, and from there you could google more information into things you want to learn.
-
Do the challenges on this site. Yes, a lot of people think the challenges suck. In truth, they do. Most of them are poorly coded and require specific answers when it's clear you already understand the general concept well enough. However, they do teach you things if you can bear with them.
-
Security blogs. There's lots of RSS feeds out there to subscribe to, if you have the time/patience to read through them. Most of it's crap, but some have interesting stuff.
-
Learn how stuff like Metasploit works. There are tons of tutorials explaining things in the Metasploit framework. Even if you don't continue to use it, you can learn the methods just from the tutorials.
Well, that's my best shot at giving locations to find information. Hope some of it was useful. Best thing to keep in mind is to just read everything you can get your hands on.
maug wrote: I wanted to add that I don't think it is all too great when people study for a cert to learn about something.
If you read my post, then you had to notice that i am not planning on taking a cert, I just want to learn. Thanks for the advice.
maug wrote: edit: hehe, nice lamb of god sig. lamb of god, children of bodom, god forbid, and suicidal tendencies all together was a crazy show.
I am planning on making the sig smaller, it takes up too much space. Too bad I didn't see the show.
The following link should serve only as guide for your own independent research. This is NOT a definitive knowledge source, as no such source exists.
http://www.subspacefield.org/security/security_concepts/
You're Welcome. :happy:
maug wrote: I was categorizing what you learn about by the certs. It doesn't matter if you plan on taking the cert, you can still look up learning resources for the cert.
I am studding through Cisco Academy at my college, and the course material for the security portion was this book. It teaches at a higher level of security. It is a bit dated, but will serve as a excellent guide.
wolfmankurd wrote: Just use wikipedia. start with SQL injection, Buffer overflow and just follow links as you find them, tjhe middle click( or ctrl+left click) in firefox is your friend. Just so you understand the basics then just read up around the subject.
Thanks. I know SQL injection and Overflows and XSS and CSRF abd stuff like that so I was a little stuck