How to become a good hacker?

[Ghost121]

I am a newbie and have very little knowledge about ethical hacking. what books would u suggest to start?
And any other details on ethical hacking and CEH will be highly entertained.
Also is setting up of a lab necessary?
 Thank u

[unicityd]

Check out this thread:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,8775.msg48286/#msg48286

And this article:
http://www.infiltrated.net/pentesting101.html.

[Ghost121]

tnx unicityd  that cleared most of my doubts. I surely love this site.

[MaXe]

How to become a good hacker:
Step 1) Realize that CEH won't teach you anything practical in the world of good hackers.
Step 2) Read lots of books from e.g. Syngress, but also the books such as Hacking Exposed and The Web Application / Database / Hacker's Handbook (And the Shellcoders Handbook) are basically some of the best books on the market.
Step 3) Learn to write a few scripting languages, start with a simple one such as PHP or Python.
Step 4) Research what you don't know, by using sites like this  (Search it for information, as your question has at least been asked 5-10 times this year I think, and I've even responded to most of them xD )

[lynoharvey]

Hi,

   I’ve found a site recently where the author has conducted some research with Information Security professionals concerning what they think is important for people to learn when trying to break into the industry.

http://www.digininja.org/projects_general.php

   On the above page there are a series of articles called “Breaking into Security”.
   I think they give some interesting information for newcomers about what certificates are important and what programming languages to learn --also a range of other issues.
I personally think it is worth a read.

 Good luck with your journey

[chrisj]

Krebs on Security has a series on it too. haven't had time to read it yet.

http://krebsonsecurity.com/2012/06/how-to-break-into-security-ptacek-edition/

[Ghost121]

Thanks a lot guys for  your time and responses  . i ll begin with the book suggested by MaXe

[j0rDy]

i'm missing two things here:

along with alle the theoretical knowledge you can gain from the above mentioned sources (books and what not) spending time behind the keyboard just doing it (for example, configure windows security wise, fiddle with permissions for users on linux) gives you a great understanding on how the things work you want to break. also read material at exploit-db and securityfocus, even if you do not understand it (yet).

practice practice practice (practice makes perfect they say)...use hackme's/challenge websites to learn more about "real life" examples.

[Cyber.spirit]

thank u all for those useful site

[Joshsevo]

Reading books above your level of understanding will make you familiar with the terminology and possibly what it's used for but if the topic is just way above your head then reading many books won't help.  What will help is doing different things, then go back and read the parts that you don't understand again.

[jason]

Hanging out with people that are smarter/more knowledgeable than you helps as well.

[ZeroOne]

This reminds me of the question: "How do I become a good engineer?

[3xban]

Hanging out with people that are smarter/more knowledgeable than you helps as well.

+1  Very true!

[MatP]

Krebs on Security has a series on it too. haven't had time to read it yet.

http://krebsonsecurity.com/2012/06/how-to-break-into-security-ptacek-edition/

I've read all the articles in Krebs' series and they are interesting, but they give a huge variety of advice, not all of it really matches up. Of course that's because he asks people in all different areas of security (AppSec, Network Security, etc.). This is great in that it gives you a very broad view and opens your mind to things you maybe hadn't considered before, however, if you're new to security and don't know what field interests you the most it may be a little overwhelming.

That being said, I'd definitely recommend reading the articles in this series if you're new and if nothing jumps out at you, then you can always try learning a bit of everything they recommend and see if that helps you narrow down what you enjoy most.

[YuckTheFankees]

^ I've been following the series, I hope they add a new interview soon. What's being said is not ground breaking but it's definitely interesting to hear multiple InfoSec professional's opinion on how to break into the field.