Hacking Starter part1

Requirements

-Hardware

-Building motivation

liveoverflow.com

Movies For Hackers - A curated list of movies every hacker & cyberpunk must watch.

1. Introduction to Information Security

• Need of Cyber Security

• White, Grey and black hat Hacking

• Levels of hackers

• Cyber Law & IT Acts briefly

• The cyber glossary

• Development: programming Vs scripting

• Networking overview

• Network devices and endpoints

• Operating systems: windows vs Linux vs mac Vs unix vs ios vs android vs hardware

• A day of a pentester / hacker

How To Become A Hacker - if you want to be a hacker, keep reading.

A nice article on getting into penetration testing: https://medium.com/@Knightsbr1dge/penetration-testing-roadmap-b26611f8868b

2. Networking

Study

https://commotionwireless.net/docs/cck/networking/learn-networking-basics/ https://commotionwireless.net/docs/cck/networking/learn-networking-basics/ https://www.slideshare.net/variwalia/basic-to-advanced-networking-tutorials https://www.cisco.com/c/en/us/solutions/small-business/resource-center/networking/networking-basics.html http://www.penguintutor.com/linux/basic-network-reference https://www.utilizewindows.com/list-of-common-network-port-numbers/ https://code.tutsplus.com/tutorials/an-introduction-to-learning-and-using-dns-records–cms-24704

https://9tut.com

https://www.9tut.net/

the topics below that dont have links can be found within this site: https://study-ccna.com/

• -IP Address

• -Mac address

• -Tcp udp

• -NAT

• -IP Subnets

• -DHCP Server

• ICMP https://www.extrahop.com/resources/protocols/icmp/

• FTP

• NTP

• SMB

• -router config lab

• -Ports

• -DNS

• -DNS Server

• -setup pihole https://medium.com/swlh/how-to-set-up-pi-hole-2293246dc8ed https://www.smarthomebeginner.com/pi-hole-setup-guide/

• -Proxy Servers https://www.youtube.com/watch?v=5cPIukqXe5w

• -setup proxy https://www.youtube.com/watch?v=k8ChxpJXu90

• -Virtual Private Networks https://www.youtube.com/watch?v=_wQTRMBAvzg

• -Setup vpn https://www.youtube.com/watch?v=CBJMl9MILbg

• -OSI Model

• -Web Architecture https://www.youtube.com/watch?v=YGGBahexXYI https://www.youtube.com/watch?v=7_LPdttKXPc

• vlans

• ACLs

• IPv6

wan technologies

Watch

• Introduction and Layer 1

• Layer 2 - Data Link

• Layer 3 - Network, Part 1: Addressing & Masking

• Layer 3 - Network, Part 2: Routing

• Layer 3 - Network, Part 3: Communication

• Layer 4 - Transport

• Layers 5 & 6 - Session and Presentation

• Layer 7 - Application

• Inter-Layer Communication & Conclusions

CCNA Series:

https://www.youtube.com/watch?v=l_OPR2yh2co&list=PLh94XVT4dq02frQRRZBHzvj2hwuhzSByN&index=2

Practice

learn commands from gits

https://github.com/HerrSpace/CCNA-Cheat-Sheet

https://github.com/MohamedDiouane/CCNA-Commands

https://github.com/Vincevrp/cisco-cmd

use cisco packet tracer

https://www.packettracerlab.com/

https://www.9tut.com/category/ccna-lab-challenges

https://www.packettracernetwork.com/

https://www.9tut.net/

use gns3

https://www.9tut.com/category/practice-ccna-gns3-labs

 

3 - Network Security Devices

• -Network Firewalls https://www.youtube.com/watch?v=kDEX1HXybrU https://www.youtube.com/watch?v=2llWuivdS7w https://www.youtube.com/watch?v=JtKq39I7z6k https://www.youtube.com/watch?v=GN6xLwEjgR0

• -setup host firewall https://www.youtube.com/watch?v=PtiCj-rpOf0

• -Weakness in Firewalls https://www.youtube.com/watch?v=_SHNidfPMVI https://www.secpoint.com/what-is-the-weakness-of-a-firewall.html http://softwareindustries-ifour.blogspot.com/2016/04/firewall-design-strengths-weakness.html

• -Honey Pots and Security Misconfiguration https://www.youtube.com/watch?v=FBnTeryebzc https://www.youtube.com/watch?v=GdXFen4ZTvE https://www.youtube.com/watch?v=7Hftbep1xGY

• -setup a honeypot https://www.youtube.com/watch?v=0WUaI2pNiPI https://www.youtube.com/watch?v=vUj9W0w7MdA https://www.youtube.com/watch?v=fyG-HZJM-XE https://www.comparitech.com/net-admin/how-to-establish-a-honeypot-on-your-network/

• -Web Application Firewalls introduction https://www.cloudflare.com/learning/ddos/glossary/web-application-firewall-waf/ https://www.youtube.com/watch?v=p8CQcF_9280 https://www.youtube.com/watch?v=omHQ68k50XY

• -Setup Web Application Firewalls tools

• -Intrusion Detection Systems and weakness https://www.barracuda.com/glossary/intrusion-detection-system

• -Intrusion Prevention Systems and weakness https://www.forcepoint.com/cyber-edu/intrusion-prevention-system-ips

• -Setup Network IDS/IPS tools https://www.youtube.com/watch?v=41qJIbL2nt4 https://www.youtube.com/watch?v=iBsGSsbDMyw https://www.youtube.com/watch?v=KRlbkG9Bh6I

• -Writing Custom Rules

• -Logs Analysis and syslog https://www.sumologic.com/glossary/log-analysis/, https://www.youtube.com/watch?v=fGVFCaVQnWw , https://www.youtube.com/watch?v=Fbnnd5YYL4M

• -DMZ Configuration

   

  Networking_full_course https://www.youtube.com/watch?v=QKfk7YFILws

  Part 2 , 3 : by ch3ckm8

   

4 - Basic Traffic analysis

Study

Phrack Phrack: Happy Hacking Phrack profile on FX

Packets and Network Interaction

Watch

https://www.youtube.com/watch?v=HARQmykuteQ https://www.youtube.com/watch?v=4_7A8Ikp5Cc https://www.youtube.com/watch?v=TkCSr30UojM https://www.youtube.com/watch?v=ZakzlYJ9BBQ https://www.varonis.com/blog/how-to-use-wireshark/

Practice

• Install and use Wireshark: inspect the traffic send by your HTTP client (use "Follow TCP stream) and HTTPs client (check the SSL handshake) https://www.youtube.com/watch?v=4_7A8Ikp5Cc https://www.youtube.com/watch?v=TkCSr30UojM https://www.youtube.com/watch?v=ZakzlYJ9BBQ https://www.varonis.com/blog/how-to-use-wireshark/

• FTP:

  • Install a FTP server on your system: https://www.youtube.com/watch?v=v1IOewY6nAA https://www.windowscentral.com/how-set-ftp-server-windows-10

  • Write a FTP client using a socket in c: https://gist.github.com/ozcanovunc/e3dda9c0886321fcc6ee

    https://github.com/pranav93y/Basic-FTP-Client-Server

5 Programming - Scripting

https://euanb26.gitbook.io/ ​ https://github.com/EbookFoundation/free-programming-books

5.1 Bash Scripting

Study

• pure-bash-bible - is a collection of pure bash alternatives to external processes.

• pure-sh-bible - is a collection of pure POSIX sh alternatives to external processes.

• bash-guide - is a guide to learn bash.

• bash-handbook - for those who wanna learn Bash.

• The Bash Hackers Wiki - hold documentation of any kind about GNU Bash.

• the-art-of-command-line - master the command line, in one page.

  Awesome Shell - awesome command-line frameworks, toolkits, guides and gizmos.

  https://www.tutorialspoint.com/unix/shell_scripting.htm https://www.learnshell.org/ https://medium.com/quick-code/top-tutorials-to-learn-shell-scripting-on-linux-platform-c250f375e0e5

• http://tldp.org/LDP/Bash-Beginners-Guide/Bash-Beginners-Guide.pdf

• https://www.bash.academy/

• https://www.guru99.com/introduction-to-shell-scripting.html

• https://ryanstutorials.net/bash-scripting-tutorial/bash-script.php

• https://www.geeksforgeeks.org/basic-operators-in-shell-scripting/

• https://hashcat.net/forum/thread-3602.html

• https://www.servethehome.com/password-cracking-with-8x-nvidia-gtx-1080-ti-gpus/

• https://www.servethehome.com/

• https://www.servethehome.com/author/patrick/

• https://hashcat.net/forum/thread-581.html

Watch

• • Scripting Introduction & Linux Review

  • Variables & Parameters

  • Flow Control

  • Parsing & Searching

  • Practical Uses & Conclusion

   

  https://www.youtube.com/watch?v=Sye3mu-EoTI

  https://www.youtube.com/watch?v=GPjcSxyIIUc

Practice

 

5.2 PowerShell

Study

https://www.guru99.com/powershell-tutorial.html

https://github.com/PowerShell/PowerShell/blob/master/docs/learning-powershell/powershell-beginners-guide.md

Watch

• Introduction to PowerShell

• Cmdlets

• Scripting, Variables and Syntax

• Flow Control

• Practical Uses & Conclusion

Practice

5.3 Python

Study

https://realpython.com/ https://docs.python.org/3/tutorial/ Awesome Python - a curated list of awesome Python frameworks, libraries, software and resources. 🔸 python-cheatsheet - comprehensive Python cheatsheet. 🔸 pythoncheatsheet.org - basic reference for beginner and advanced developers.

wtfpython - a collection of surprising Python snippets and lesser-known features.

https://github.com/mahmoud/awesome-python-applications

Watch

• Introduction to Python

• Operators and Flow Control

• Scripts

• Modules and Introspection

• Practical Uses & Conclusion

Practice

• https://www.thepythoncode.com/topic/ethical-hacking

• https://www.thepythoncode.com/topic/web-scraping

• https://www.thepythoncode.com/articles

• https://www.thepythoncode.com/topic/using-apis-in-python

• https://www.thepythoncode.com/topic/scapy

5.4 C and C++ Programming

Study

The C Programming Language (K&R) https://www.programiz.com/c-programming The GNU C Reference Manual https://www.gnu.org/software/gnu-c-manual/gnu-c-manual.pdf Learn C the Hard Way Learn C in Y Minutes https://learnxinyminutes.com/docs/c/ Beej’s Guide to C Programming https://github.com/rby90/Project-Based-Tutorials-in-C

https://www.learncpp.com/cpp-tutorial/ https://www.learncpp.com/

 

6. System Administration

-Virtualization and setting up a lab

Awesome Sysadmin - amazingly awesome open source sysadmin resources.

6.1 Linux

-Linux Basics https://www.guru99.com/must-know-linux-commands.html ​ -Install and setup ​ -Introduction to Linux based Pentesting OS ​ -System Architecture https://www.geeksforgeeks.org/introduction-to-linux-operating-system/ ​ -File system https://www.linux.com/training-tutorials/linux-filesystem-explained/ https://www.tutorialspoint.com/unix/unix-file-system.htm ​ -Users and privileges https://www.guru99.com/file-permissions.html ​ -Network Configuration https://www.redhat.com/sysadmin/network-interface-linux ​ -Essential Commands https://www.hostinger.com/tutorials/linux-commands ​ https://www.geeksforgeeks.org/linux-commands/ ​ https://www-uxsup.csx.cam.ac.uk/pub/doc/suse/suse9.0/userguide-9.0/ch24s04.html ​ http://linuxcommand.org/

-Logs https://www.loggly.com/ultimate-guide/linux-logging-basics/ https://sematext.com/blog/linux-logs/ ​ -Bash scripting ​ https://www.tutorialspoint.com/unix/shell_scripting.htm ​ https://www.learnshell.org/ ​ https://medium.com/quick-code/top-tutorials-to-learn-shell-scripting-on-linux-platform-c250f375e0e5

• -Linux administration tools https://geekflare.com/linux-tools-for-sysadmin/ https://www.redhat.com/sysadmin/favorite-linux-sysadmin-tools

Study

Iptables https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/ part1:https://www.youtube.com/watch?v=vbhr4csDeI4 part2: https://www.youtube.com/watch?v=H1WPwAjMXRo

https://www.youtube.com/watch?v=v-z6LCcrutw&list=PLvadQtO-ihXt5k8XME2iv0cKpKhcYqe7i

Setuid https://www.geeksforgeeks.org/setuid-setgid-and-sticky-bits-in-linux-file-permissions/

Environment Variables https://www.youtube.com/watch?v=pjh9rU9h22Q

linux-cheat - Linux tutorials and cheatsheets. Minimal examples. Mostly user-land CLI utilities.

https://explainshell.com/ ​ https://hackernoon.com/useful-vim-tricks-for-2019-e7c1db7a18d6

https://linuxjourney.com/

https://www.linuxsecrets.com/entry/6managing-linux-systems/2016/03/28/1740-linux-manually-configuring-wireless-and-devices?showall=1

https://dougvitale.wordpress.com/2011/12/21/deprecated-linux-networking-commands-and-their-replacements/amp/

https://tails.boum.org/

https://0x00sec.org/t/use-the-past-to-conquer-the-future-a-how-to-on-bash-history-substitution/12977

https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf

Watch

• VMware Installation and Configuration

• OS Background & Building the Linux VM

• Core Commands

• Users and Groups

• Applications and Services

• Files and Permissions

• Installing Software

Practice

• Install Linux: Retrieve a virtualisation system (VirtualBox, VM player) and install Linux. Use a traditional distribution like Ubuntu not a security related one.

Iptables

• If enabled, disable iptables in your vm

• Use iptables to block ICMP requests, test if it works using ping

• Nmap

  • Use Nmap to find the open ports on your VM.

  • Use Nmap to find the open ports on your VM while blocking ICMP using iptables.

  • Use iptables to close one of the open ports, check that it works using Nmap.

6.2 Windows basics

• -logs https://www.loggly.com/ultimate-guide/windows-logging-basics/ https://www.youtube.com/watch?v=X0WDzktpr5I

• -Internals https://samsclass.info/140/lec/Excerpted-PRE07_Solomon.pdf

• -Cmd https://www.computerhope.com/issues/chusedos.htm https://www.youtube.com/watch?v=MBBWVgE0ewk&list=PL6gx4Cwl9DGDV6SnbINlVUd0o2xT4JbMu

• -Powershell https://www.varonis.com/blog/windows-powershell-tutorials/ https://www.guru99.com/powershell-tutorial.html https://www.youtube.com/watch?v=TUNNmVeyjW0

• cmd vs powershell https://www.varonis.com/blog/powershell-vs-cmd/

• -Windows administration tools https://www.youtube.com/watch?v=cUjTcNluIxc https://www.lifewire.com/administrative-tools-2625804

Watch

• Windows Virtual Machine Installation

• Updating Windows

• Command Line Basics

• File System

• Users and Groups

• Policies and Credential Storage

• Registry

• Networking and Sharing

• Services and Processes

####

6.3 Basic Active Directory

Study

AD-Attack-Defense - attack and defend active directory using modern post exploitation activity.

https://www.varonis.com/blog/active-directory-domain-services/

https://www.paessler.com/it-explained/active-directory

Watch

https://www.youtube.com/watch?v=GfqsFtmJQg0

Practice

https://www.youtube.com/watch?v=mQT38VR4boQ

https://www.youtube.com/watch?v=ukFC48bzVSM

https://www.youtube.com/watch?v=L8fK5-oTSws

Active directory lab

https://www.youtube.com/watch?v=xftEuVQ7kY0