top of page
Search
Writer's pictureSumeet
Aug 3, 20195 min read

THE COMPLETE GUIDE TO START HACKING

"A computer hacker is any skilled computer expert that uses their technical knowledge to overcome a problem. While "hacker" can refer to any skilled computer programmer, the term has become associated in popular culture with a "security hacker", someone who, with their technical knowledge, uses bugs or exploits to break into computer systems. "


PLEASE READ THE TERMS WRITTEN AT THE END OF THE BLOG BEFORE PROCEEDING FURTHER


OK. YOU KNOW WHO A HACKER IS AND WHAT HE DOES. BUT HOW DOES A HACKER BREAK INTO SUCH SECURE SYSTEMS?


THERE'S A BIG PROCESS INVOLVED, AND WE'LL TRY TO COVER EVERYTHING IN THIS BLOG.


STEP 0:


STEP 1:

UNDERSTANDING THE BASIC TERMINOLOGIES


TYPES OF HACKERS


WHITE HAT HACKERS - THESE ARE THE GOOD GUYS. THEY HACK SYSTEMS TO TEST THEIR SECURITY AND ARE HIRED BY COMPANIES TO WORK FOR THEM. THEY ARE COMMONLY REFERRED TO AS ETHICAL HACKERS


BLACK HAT HACKERS - THESE ARE THE BAD GUYS. THEY HACK FOR FUN AND PROFIT AND HAVE A MALICIOUS INTENT. THEY ARE HIGHLY SKILLED AND QUITE DANGEROUS


GREY HAT HACKERS -THEY FALL SOMEWHERE IN THE MIDDLE. YOU GET ME.


SCRIPT KIDDIES - THESE ARE THE WANNABE HACKERS WHO THINK THEY CAN HACK NASA WHEN THEY LEARN HTML. THEY USE BLINDLY FOLLOW SCRIPTS WITHOUT UNDERSTANDING THEM, WHICH MAY BE DANGEROUS SOMETIMES.


HACKTIVISTS -THESE ARE THE HACKERS THAT HACK FOR POITICAL OR SOCIAL CAUSES.

GROUPS SUCH AS ANONYMOUS FALL INTO THIS CATEGORY




SUICIDE HACKERS - THEY KNOW THEY'LL GET CAUGHT, BUT THEY FIND THE REWARDS TOO GREAT AND THUS THEY TAKE THE RISK.


CYBER TERRORISTS - THE NAME IS ENOUGH EXPLAINED


NATION STATES - ULTRA FUNDED, ULTRA MOTIVATED, THESE STATE BACKED HACKERS CAN DO ANYTHING. CHANCES ARE, YOU ALREADY HAVE A BACKDOOR IN YOUR PHONE TATS BEEN PANTED BY THEM.




STEP 2:

SOME BASIC TERMINOLOGIES YOU SHOULD KNOW


STEP 3:

NETWORK BASICS AND SYSTEM FUNDAMENTALS

HERE'S A LINK TO A LINUX FUNDAMENTALS THAT YOU SHOULD REFER TO https://www.linuxtrainingacademy.com/linux-commands-cheat-sheet/


STEP 4:

GETTING STARTED


I WOULD NOT RECOMMEND YOU TO USE WINDOWS FOR HACKING. INSTEAD, YOU SHOULD USE AN OS LIKE KALI LINUX OR PARROT OS.

HERE'S A GUIDE ON HOW TO INSTALL KALI LINUX ON VIRTUAL BOX https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox


HERE'S A GUIDE ON HOW TO INSTALL PARROT OS ON VIRTUAL BOX


IN THIS TUTORIAL, I'LL BE ASSUMING THAT YOU'RE USING KALI LNUX


STEP 5:

PHASES OF HACKING


FOOTPRINTING

SCANNING

ENUMERATION

SYSTEM HACKING

POST EXPLOITATION



FOOTPRINTING

AS THE NAME IMPLIES, FOOTPRINTING IS THE PROCESS IN WHICH YOU GATHER IMPORTANT DATA SUCH AS IP ADDRESSES EMPLOYEE DETAILS ETC.


GOALS OF FOOTPRINTING


IP ADDRESS GATHERING

OPEN YOUR TERMINAL AND TYPE PING EXAMPLE.COM

YOU SHOULD SEE THE SITE IP



EMPLOYEE DETAILS THROUGH PEOPLE SEARCHING SITES LIKE ANWHO.COM OR LINKEDIN.COM


OFFICE LOCATIONS


EMAIL IDs


OS INFORMATION


REVERSE DNS LOOKUPS THROUGH WHOIS


WHOIS INFORMATION HEAD OVER TO WHOIS.NET AND ENTER THE URL OR IP ADDRESS

ALTERNATIVELY, YOU CAN USE MYIP.MS TO DO THE SAME


myip.ms OUTPUT

USING TRACERT (WINDOWS) OR TRACEROUTE (LINUX)

OPEN YOUR TERMINAL AND TYPE traceroute example.com





SCANNING

ONCE YOU HAVE THE IP ADDRESS(EASY STUFF), WE NEED TO SCAN THE IP FOR OPEN PORTS AND SERVICES RUNNING.

THERE ARE SEVERAL TOOLS, BUT THE MOST WIDELY USED IS NMAP, OR ZENMAP(GUI VERSION). HOWEVER, I RECOMMEND YOU TO USE NZAP, AN AUTOMATED SCANNING TOOL THAT I'VE CREATED TO MAKE SCANNING EASIER FOR BEGINNERS.


HERE'S A LINK TO MY NZAP TOOL https://github.com/SUMEETRM/NZAP




ON KALI LINUX OR PARROT OS, NMAP AND ZENMAP COME PRE-INSTALLED


HERE'S A GOOD DOCUMENT EXPLAINING SCANNING CONCEPTS AND SCRIPTS USING NMAP.

http://wix.to/28DeAwI

NOTE: IF YOU WANNA MASTER SCANNING, YOU SHOULD READ THE NMAP COOKBOOK.


FOR MORE INFORMATION ON NMAP, HEAD OVER TO NMAP.ORG


ENUMERATION

NOW THAT WE KNOW WHICH PORTS ARE RUNNING, WE NEED TO FIND MORE DETAILS SUCH AS PORT VERSIONS, SERVER INFORMATION ETC.


USING NETCRAFT

HEAD OVER TO https://toolbar.netcraft.com/site_report?url=THEHACKERFORUM.COM AND ENTER YOUR URL. YOU SHOULD BE ABLE TO SEE A RISK RATING AND SERVER INFORMATION



USING WAPPALYZER

IT IS A BROWSER EXTENSION THAT GIVES INFORMATION ON THE FRONT END AND BACK-END INFORMATION


DIRECTORY FUZZING

YOU CAN USE TOOLS SUCH AS DIRBUSTER FOR DIRECTORY FUZZING TO GAIN IMPORTANT INFORMATION

https://sourceforge.net/projects/dirbuster/




SUBDOMAIN INFO

HEAD OVER TO https://www.virustotal.com/gui/home/search AND ENTER THE URL




PORT AND OS DETAILS

NMAP -sV EXAMPLE.COM for port service and version detection

MAP -O EXAMPLE.COM for Operating System detection


YOU CAN ALSO USE SEVERAL AUTOMATED SCANNERS LIKE SPARTA, NIKTO, ACUNETIX, BURPSUITE ETC.


RICHARD BLOG


EDIT:SOMEONE JUST RECOMMENDED ME TO USE PS TOOLS SUITE FROM


SYSTEM HACKING:

NOW COMES THE FUN PART. WE'VE GOT ENOUGH INFORMATION TO ATTACK THE TARGET.


USING METASPLOIT:

ONE OF THE SEVERAL OPTIONS IS USING METASPLOIT

I'M UPLOADING A BLOG SOON


DATABASE HACKING

SQL INJECTION


BYASSING LOGIN FIELDS





USING EXPLOIT DB


BURPSUITE

BLOG COMING UP SOON. FOR NOW, HEAD OVER TO https://portswigger.net/burp/documentation



OK. SO I PRESUME WE'VE GOT INTO THE SYSTEM USING ONE OF THE ABOVE METHODS. NOW WHAT



POST EXPLOITATION

GOOD. NOW THAT WE'RE COVERED WITH THE PHASES OF HACKING, THE BLOG'S COME TO AN END.

NO IT HASN'T. THE PART THAT YOU'RE WAITING FOR IS HERE


WIFI HACKING

HERE'S A BLOG THAT I'VE WRITTEN https://www.thehackerforum.com/post/wifihacking

ANDROID HACKING

Next Week

WINDOWS HACKING

Next Week

SNIFFING

HERE'S AN AWESOME PDF THAT I REFERRED TO WHILE GETTING STARTED

DOS AND DDOS

THESE ARE THE MOST DANGEROUS FORMS OF CYBER ATTACKS. I WON'T TEACH YOU HOW TO PERFORM A DOS ATTACK HERE FOR A SPECIFIC REASON

HERE'S HOW A DOS ATTACK WORKS

YOU BOMBARD THE HOST WITH PACKETS UNTIL SERVER CAPACITY IS MAXED OUT


HERE'S WHAT HAPPENS AFTER YOU START BOMBARDING


YOU CAN DOWNLOAD LOIC FROM HERE https://sourceforge.net/projects/loic


MALWARE

Adware - A type of malware that displays advertisements on your computer and collects data about your browsing habits without your consent

Keylogger - Malicious software that tracks the keystrokes on a computer and transmits the data to another location so it can be used to detect usernames and passwords that are typed on a computer

Ransomware - Software that locks a computer and retains control until the user pay a certain amount of money

Rootkit - A type of software designed to open a backdoor into areas of operating system that are not supposed to be available and to mask its presence while doing so. It is used to deploy other types of malware.

Spyware – Software designed to steal user data such as website logins and passwords or proprietary information and trade secrets off machines it has infected

Trojan – Malicious software that seems legitimate but contains other software that attacks the system in some way after tricking a user into activating it.

Virus – A type of malware that attaches itself to an application and then spreads to other programs and computers on the same network through an infected host file, causing a variety of damage when the application is run.

Worm – Software that infects a computer and then replicates itself from system to system on its own without the help of a host file.


YOU CAN USE JPS VIRUS MAKER FOR TESTING( https://tradownload.uk/results/jps-virus-maker-3-0.html) , AND IF YOU HAVE ANY FILE THAT YOU THINK HAS MALWARE, UPLOAD IT TO virustotal.com AND CHECK.

PASSWORD CRACKING

I've already given quite a lot of info in the login bypassing section.

Here are some good tools





CAR HACKING
CRYPTOGRAPHY
DARK WEB
SOCIAL ENGINEERING

PLEASE NOTE:I AM NOT RESPONSIBLE FOR ANY OF YOUR ACTIONS. THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY. I AM NOT RESPONSIBLE IF YOUR PC GETS A VIRUS OR IS DAMAGED BECAUSE OF ANY OF THE FILES YOU DOWNLOAD THROUGH THE LINKS THAT ARE PROVIDED IN THIS BLOG.

COPYRIGHT RESERVED @2019 THEHACKERFORUM.COM

YOU MAY NOT COPY ANY PART OF THIS BLOG WITHOUT PERMISSION

PLEASE US YOUR KNOWLEDGE CAREFULLY.


6 comments

Recent Posts

See All

6 Comments

THE HACKER
THE HACKER
May 10, 2021

Thanks


Like
Elegant Art Portraits
Elegant Art Portraits
Dec 07, 2020

Useful guide. I just have taken my first step in hacking and found this article quite informative. Kudos to hacker forum.

I'd like to share something with the community. To anyone who doesn’t know how to recover your Zip Password Protected files or struggling with decrypting the Zip file password, then you don’t need to worry again since I found a good zip password recovery tool that will help you recover your Zip, RAR files without any hustle.


https://recoverpassword.net/zip-password-recover.html/


Try it and thanks me later 😊

Like
Preet Hirani
Preet Hirani
Jun 24, 2020

Nice one

Like
Aniruddha Shriwant
Aniruddha Shriwant
May 31, 2020

Great information ! Really helped a lot !

Like
fazej
Nov 24, 2019

This is gr8


Like
bottom of page