.

Ambitious Student New to Hacking

<<

Akratic

User avatar

Newbie
Newbie

Posts: 2

Joined: Sun Apr 14, 2013 9:18 pm

Post Sun Apr 14, 2013 9:47 pm

Ambitious Student New to Hacking

Good evening. First off, I'd like to say that I am new to the site. It's a grand archive of resources and opportunity.I'm looking forward to exploring and developing it further.

I am currently a 17-year-old high school student, intimidated by the oncoming future: college, jobs, responsibility, etc.
I have always had an unruly obsession with computers, starting at the age of five with a brick and a command line. Now I have developed this obsession into a full-blown passion.  

My ultimate goal as of right now is to eventually work my way into the NSA' s expert vulnerability analysis / project management group, Red Cell. Far off dream, yes, and many obstacles to overcome before finally realizing that goal, but I am willing to forge myself into a cyber warrior by any means necessary

I do need help. I have a strong understanding of computers, feeble programming skills, a poor mathematical background (incorporated into the computer science field?), and, worst of all, no idea where to begin, even though I do have an A+, Network+, CCNA, and Malware Analysis textbook behind me.

Where/ how did you guys begin your careers / hobbies / passions of being a hacker? What more can I do to get a jump start into the cyberworld of hacking? What basic skills might I need and how do I hone them to the best of my ability? Am I still too young to even enter the field? I have a lot of questions, and I figured professionals like yourselves could point me in the right direction.

Thank you,
~ Akratic

P.S. This topic may be in the wrong forum section. If so, I apologize ahead of time. I may not be able to see all of the site, as I am on a kindle fire.
Last edited by Akratic on Sun Apr 14, 2013 9:51 pm, edited 1 time in total.
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Sun Apr 14, 2013 11:25 pm

Re: Ambitious Student New to Hacking

Welcome to the site.

There are people on here far more qualified to answer your question than I but I'll chime in with a few thoughts.

The first thing is to continue reading the types of books you're reading. The people in this field are unbelievably well rounded. A wise man once told me "don't learn to hack, hack to learn". You need understand every phase of computing (networking, TCP/IP traffic, programming etc.) to understand how to exploit it and what to do with it if you do exploit it.

In addition to your reading, check out free tutorials on sites like Security Tube. They're gold mines.

Once you feel like you have a bit on knowledge and you actually want to try to practice penetrating a machine get some virtual machine software (it's cheap) and download some vulnerable by design virtual machine images from vulnhub.com. Then you can download a pen-testing Linux distro like backtrack or Kali Linux and start trying to attack the boxes. If you're having trouble you can Google to see what attacks others have had success with on that vulnerable image and then try to duplicate their results.

The bad news is that there is a ton to learn. The good news is you can't pick the wrong stuff to learn because you need it all :)
Last edited by azmatt on Sun Apr 14, 2013 11:27 pm, edited 1 time in total.
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Apr 15, 2013 2:07 am

Re: Ambitious Student New to Hacking

Welcome to the forums.

Learn Linux. Learn Assembly. Learn C/C++. Learn how processors and memory work. Learn networking at the packet level. This will give you a foundation on which to build. If you do not do this first, everything else you do will be more difficult. It's not as exciting as using Metasploit to instantly get a shell, but you want to achieve mastery, not just own a box. Move on to Python and/or Ruby afterwards.

Are you planning on going to college? You'll need decent math for a CSci degree. Maybe use https://www.khanacademy.org/ to brush up on your math skills.

For the meantime, don't worry about tools or specific vulnerabilities or technologies. You're probably 4-5 years away from entering the field (6-7 if you do a masters), and things will change drastically in that time. Having some historical perspective will be useful, so maybe follow Bugtraq and ExploitDB, but don't make this your focus.

+1 to what azmatt said. SecurityTube is a great resource. Go through the assembly and exploit dev video groups, and then check out sites like Corelan and The Grey Corner.

That's a great cert list for your age. Well done. Don't worry about your future. Just stay dedicated and keep moving forward. Everything can feel overwhelming, but periodically stop and look back where you were a year or two ago and realize how far you've come.

Also, try not to go right into a security position. The best security people I know spent their time in the trenches and doing systems and networking work. The people I see who go right into security often struggle because they do not have insight into daily operations.

Attend conferences and start networking if you can. You'll probably land better positions through your contacts, so start building them up now.
The day you stop learning is the day you start becoming obsolete.
<<

Akratic

User avatar

Newbie
Newbie

Posts: 2

Joined: Sun Apr 14, 2013 9:18 pm

Post Mon Apr 15, 2013 7:43 pm

Re: Ambitious Student New to Hacking

Thank you both for the great advice; I feel a little more confident now.

azmatt, what books / authors do you recommend so I may continue my reading?

And yes, to reply to ajohnson, I do plan on going to college. I will be going to Towson University next year to major in Computer Science with a Security track. And just my luck, the NSA is just 20 minutes or so from campus! I could definitely build an excellent network of contacts and develop my knowledge of the security field. Also, ajohnson, do you have any sites that may keep me in touch with nearby Cybersecurity / hacking conferences? I've always thought about attending some. If not, I'll be sure to find them myself.   : ]

Thank you again,
~ Akratic.
Last edited by Akratic on Mon Apr 15, 2013 7:48 pm, edited 1 time in total.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Apr 15, 2013 9:38 pm

Re: Ambitious Student New to Hacking

Don does a good job of posting them to the forum: http://www.ethicalhacker.net/forum/http ... .php?f=6.0

There's also SECore: https://secore.info//

I'd recommend DerbyCon; it's my favorite one: https://www.derbycon.com/ DefCon's fun too, but it can be overwhelming if you don't know anyone. I'll be going to both this year. Feel free to shoot me a PM if you can make it out.

Also, see if there are BSides and/or OWASP, ISSA, Infragard, etc. meetings in your area.
The day you stop learning is the day you start becoming obsolete.

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software