Assalamu Alaikum Warahmatullah Wabarkhatuh.....
Let's Start...
1.Learn programming languages thats compatible which all OS -perl, python, C,
2.learn TCP/IP basic Information gathering, proxies, socks, SSL,VPN, VPS, RDP, FTP, POP3, SMTP, Telnet, SSH,
3.learn HTML, Javascripts, PHP, ASP, XML, SQL, XSS, SQLI, RFI, LFI,
4. Learn linux, unix windows- u can do this using vmware or any virtual desktop utility.
5.learn reverse engineering crack an, some programs for serial easy like mirc, winzip, winrar, or old games.
6.learn code a fuzzer common protocols-ftp, pop3, 80, 8080, pick some free software like ftp severs, mail severs, apache or iis or websevers all in one pack or teamspeak, ventrilo, mumble.
7. Learn linux, unix windows- u can do this using vmware or any virtual desktop utility.
5learn reverse engineering crack and some procols-ftp, pop3, 80, 8080, pick some free software like ftp severs, mail severs, apache or iis or websevers all in one pack or teamspeak, ventrilo, mumble.
7. Code a tools that uses greb to sort out unique code in source code
8.make a custom IPtable, IPsec firewall that block all incoming traffic and outgoing traffic and add filters to accept certain ports that your software or script use.
9. Pick a kernel in linux or unix. Also pick a microsoft OS version lets say winxp pro sp2 put them on the virtual desktop (vmware) and find a code a new local exploit in those versions. Then install a Apache websever on the linux/unix and a IIS websevers on the winxp pro and attemp to find and code a new local reverse_tcp_shell exploit.
10. Learn cisco rauter and switch configurations and setup.
11.learn check point setup and config.
12. Learn wifi scanning, cracking, sniffing.
13. Pick a person in your phonebook for the area u live in or city then ring the person on a Anonymous line like skype or a payphone or a carded sim and attempt to social engineer the person name, address, date of birth, city born, country born, ISP connected wich phone company connected with, what bank he/she uses and anything else u can get. Then attempt to ring using a spoof caller ID software with the person's phone number-call the ISP and try reset a password to his/her internet connections/webmail, get access bank account or ask them to send out a new*** to a new address (drop) with a new pin, reset of phone company passwords.
14.use your informations gathering skills to get all the informations off a website like a shop then use the spoof callerID software or hack your phone to a show a new number of the websevers's Tech Support number then ring the shop owner and try get the shop site passwords.
15.do the same thing but attempt to use a web attack against a site or shop to gain access.
16.ones got access upload a shell and attempt to exploit the sever to gain root using a exploit you coded not someone else's exploit.
17.make your own Linux Destro.
18.make your own linux destro or use a vanilla linux gnome (not kde) keep it with much graphics so you can learn how to depend on the terminal and start from scratch install Applications That you will only need for a blackbox (security test box) make folders for fuzzers, exploit's scanners etc... Then load themUp wich your own script and other tools (by this stage you shouldn't need to depend on other peoples scripts)
19.learn macosx and attempt to gain access to a macosx box whether it be your own or someone else.
20. Create a secure home network and secure your own system wich your own security policies and firewall settings.
All this isn't a over night learning it will take a nice 3-4month to learn and bit of this 5+month to learn must of it and even then you may need time to keep learn as IT Keeps Changing Everyday...............
Subscribe to:
Post Comments (Atom)
Hello, my name is Jack Sparrow. I'm a 50 year old self-employed Pirate from the Caribbean.
Good
ReplyDelete