Wanna start hacking...
Okay i wanna start hacking.:| I am learning alot each day. I am starting to learn PHP. But what i dont get it is that hacking is most of the time about XSS and SQL INJECTION, etc. Where did you guys learn the stuff about hacking other than programming languages. I am confused about that part. Thats what i just wanna know. :D
well the SQL and XSS is were your wrong, theres millions of ways to breach and attack a site. there is XSS. then theres multiple forms of XSS.
to be honest. I don't really learn too too much off these types of sites. but i do learn those little things. you really have to start off at your own. people told me to learn a coding language… but, its boring and to me a waste of time, people pointed me to information gathering. So i can gather information but not understand what it is, because i know no xploits. So start off here.
start off with a SQL Injection or something. here is a list, go study these things.
XSS CSRF SQL Injection Search SQL Injection Login SQL Injection URL SQL Injection Cookie Poisoning Rooting
Trojans RATs Viruses Binders Keyloggers Anti Viruses
Learn how these things work.
that is where you start off. it takes time… ;)
Yeah, motivation is a huge part but it can be a bit overwhelming at first. There's a lot of information to sift through and without some direction, it can be difficult to choose what area to focus on. Everyone is different and has there own strengths and weaknesses so there really is no one definitive course. Obviously the more you learn the better and there are certain basics to understand but really, find something you enjoy, something that interests you and learn everything you can about it. Some things that will help you along the way:
html, javascript, php, c++, sql learn to recognize md5, DES, ntlm take some time to get familiar with both Windows and *nix and learn the basics of networking and it's various protocols
Those are a few tools that will help along the way. There are more. A lot more. It really doesn't matter where you start just start.
And one thing that is very often overlooked, especially at the begining: READ.
read, read, read, read and then read some more.
if your a windows user, start using *nix, itl make you learn how everything works when you want to do something, windows was horrible in delaying my learning process if programmings not your think, try learning another scripting language like python or perl, learn about networking sockets and how to transfer data from one computer to another, doing this in linux is alot easier than in windows learn as much as you can about networking, read about tcp/ip model and the OSI networking model learn about binary and hexadecimal learn about how different types of exploits work, such as buffer overflow exploits download vmware or qemu or ms virtual pc, set up some virtual servers and a mini virtual lan with some windows and linux pcs, make sure they can all communicate, install a firewall on one, a windows server on the other, a linux server on the other a couple of desktop machines etc, make them all connect through your firewall play with the firewall, alot play with your servers alot, and google securing various server software and operating systems use nmap to scan your firewall and find out what information you can find even through a firewall (lookup firewalking) intsall and exploit local and remote software across your lan(milw0rm, security-focus) do some packet sniffing on the network, learn about how you can sniff on a switched lan, download some programs to do this (ettercap, dsniff, wireshark) then once you can do this and can attack your network in a few ways go and write some mini scripts to accomplish the same task, now you know what your doing it will be alot easier
I think we all posted something like this when we first started up. I would say learn networking. How data is carried, how firewalls work etc.
I top from me would be look into certificates such as CISSP and see what is covered in order to get the certificate
and i hate to say it as it all what you hear all the time, but use google.
=]