So, you want to try this 'hacking' stuff… | by Garry R



I've been presenting a lot lately. It's always nice to educate and surprise people by showing them something they have never seen before, from brute-forcing passwords to exploiting vulnerable software to get access to a computer. When the time comes for Q&A, I almost always get asked by someone:

"How can I learn how to hack?"

The short and sweet answer is: "Google it." However, this will almost certainly lead most people down a rabbit hole. So, to fix that, I've created a 10-step plan for anyone keen to learn how to hack. Enjoy.

1. Get a computer

It doesn't have to be expensive, but it should have enough RAM to run virtual machines. I use a MacBook Pro with 32 GB of RAM, but if you don't know what you need, you can search DuckDuckGo for "laptop for hacking".

2. Get a hypervisor

A hypervisor is a piece of software that enables you to run a computer within a computer (also known as a virtual machine or VM). I use VMware Fusion because I'm on macOS, but you can use VirtualBox if you prefer. If you're on Windows, you can use VMware Workstation.

3. Download Kali Linux

Kali is free, actively maintained, and a great starting point. Make sure you get the version that works on your hypervisor. If you're stuck on the setup process, search for it on YouTube.

4. Set up Kali

Get Kali working nicely on your hypervisor and test your internet connection. Again, if you have difficulty with the connection, just Google it. Pay attention to the network settings in your hypervisor software (look out for words like: bridged, NAT, auto-detect). All the Kali documentation is here.

5. Gain knowledge

All you lack now is knowledge. At this stage of the game, you have all of the basic equipment that I, and many others, use on a daily basis. There is a plethora of websites, YouTube channels, and books to choose from. Get ready to be busy organising your bookmarks. I recommend GitBook for staying organised.

6. Get a hold of these books

  • Kali Linux Revealed (free, from Offensive Security here). This book will teach you how Kali works. Can you imagine if Lewis Hamilton didn't know how his F1 car worked? You don't need to memorise the information in this book, just read over it and remember it is always there if you need it.
  • Penetration Testing by Georgia Weidman (paid, available here). This book is possibly the best all-rounder when it comes to learning to hack. You will cover setting up your own lab, attacking computers, breaking passwords, and all that exciting stuff. It's a lot to take in, but go with it as best you can.

7. Set up Metasploitable

Metasploitable is an intentionally vulnerable VM made by a company called Rapid7. You set it up alongside the Kali VM and then attack it. There are plenty of videos on YouTube to show you how to achieve both. You can get a hold of it here and there is an official guide on that page too.

8. Explore VulnHub

If you have exhausted Metasploitable, you'll have certainly learnt a lot, but it's time to step it up. VulnHub is a website that hosts vulnerable computers, just like Metasploitable. They have tutorials that teach you how to hack each of them. This is where it all gets a bit slow, because you have to download the entire image file and set it up in your hypervisor. Have a go anyway and we'll fix the slowness in a minute.

9. Join Hack the Box

This is it: the big one! Hack the Box is the top dog when it comes to online training labs. This puts an end to downloading VMs from VulnHub and troubleshooting your setup.

To even join Hack the Box, you'll have to hack your way in. Once you're in, I highly recommend buying the VIP access; it's a bargain at twice the price. You'll get access to active and retired machines, challenges, a members area, and there are "pro" labs when you're ready to really test your skills. The retired machines are where you will do the vast majority of your learning, with great videos from IppSec. You can even apply for jobs directly on the site whenever you have earned the relevant rank to do so. There's a strong community on the platform and you don't need to download anything other than a VPN configuration file. This is not a paid endorsement.

10. Test what you have learned

If you've gone through all that, you've come a long way. Well done. Perhaps you'd like to consolidate what you know in a common format that employers will understand: a certification. There are a lot of information security training courses and exams out there. Here are a few vendors and courses to check out:

  • eLearnSecurity: eJPT ($ - a fun and cost-effective way to get your first certificate).
  • Offensive Security: OSCP and OSCE ($$ - both are 48 hours of pain, the most coveted certificates on the market).
  • SpecterOps: Red and Blue team training ($$$ - these people invented some of the best attack tools on the market).
  • SANS: They teach almost everything ($$$$ - not cheap, but very well regarded in the industry).


That's it.

If you've read all of this, thank you, and I hope I've helped give you some direction on how to get started with this "hacking stuff". If you have further questions, don't hesitate to reach out.

Originally posted:

January 21, 2020
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023