So You Want To Be A Hacker

This post has been on my mind for a while now, but the length and laziness to search my archives and bookmarks has deterred its publication, but alas! it is here now. Since 2014, I have encountered lots of materials here and there that I keep track of and frequent to update my knowledge. This list of resources also includes twitter accounts, but I have excluded that category from this post. There are various sub-domains in cyber security. Hopefully, this post can give you a place to start in the your field of interest. This is a non exhaustive list.

Early 2017, I did a seminar with an old friend on the topic. At that time, I was trying to get students to enroll in my new club on Computer and Network Security. Unfortunately the club was terminated after I graduated in 2018 but it may be resurrected soon (hopefully). I cringe every time I see a snippet of that video. I don’t know why I kept smiling the whole time, but that’s story for a different day. I never watched the full video so I may have said some b.s but oh well..

In the same year, I was privileged to be teaching assistant for CSCD27H3 - Computer and Network Security under Prof. Thierry Sans. At the end of the course, I made a final post for the students in case any one wanted to continue their studies in the field. The content of the original post will be in the Appendix section.

This post is an updated take on the original, links have been updated and newer or more useful materials have been added. These are marked as [UPDATE] and [NEW] respectively. The marker [NU] means No updates at this time. Most likely reason being I haven’t done much in this domain since the original post. Another reason could be the materials from the original post are still authority in the field. Feel free to suggest

DISCLAIMER:

As much as I try to stay in loop with most of the aspects of Computer and Information Security, I have a strong bias from certain sub-domains. You can expect that my knowledge on materials and resources will be skewed in favor of these areas. If you have a resource that you can vouch for, mention in the comments and I’ll add it to the list and credit your mention.

Also, I have not visited or used every resource there is, so if something is missing from this list, it does not in any way imply that the material is subpar. I’ve just not looked into it. Also, I do not rate content. If I have used a resource and it was beneficial to me in any way (or recommended from the comments) it will be on this list.

Social Engineering and Hacker mentality
- [NEW] Open Source Intelligence (OSINT)
- Buscador OSINT OS
- SAIGAR Intelligence Platform
- OSINT for missing persons
Cryptography
- [NU]
Network (In)Security
- [NEW] Conferences and Conference Talks
  - Natalie Silvanovich - Adventures in Video conferencing
- [NEW] Penetration Testing and Red Teaming
  - The Hacker Playbook 3
  - @yeyint_mth’s list on Red Teaming
- [NEW] Books
  - James Forshaw - Attacking Network Protocols
OS & Software (In)Security
- [NEW] Windows Exploitation
  - Corelan Team
  - @yeyint_mth’s list on Windows Exploitation
- [NEW] Linux Exploitation
  - Andrey Konovalov’s list on Linux Exploitation
- [NEW] General Exploitation
- [NEW] Browser Exploitation
- [NEW] Vulnerability Modelling and Fuzzing
- [NEW] Mitre Att&ck Matrix
- Reverse Engineering
  - [NEW] Conferences and Conference Talks
  - ReCon
  - Infiltrate Con
  - Offensive Con
  - Alex Ionescu - Reversing without Reversing
  - Sensepost -x86 Crash course
Web Application Security
- [NEW] Free Labs and Training
  - Web Security Academy
  - HackerOne 101
Secure Programming
- [NU]
Digital Forensics and Incidence Response
- [NEW] Fameworks
  - OSQuery
  - The HELK
General Resources
- [UPDATE] https://exploit-exercises.com/ ==> https://exploit.education/
Penetration Testing
- HackTheBox
  - [NEW] IPPSEC vs HackTheBox
- [NEW] Virtual Hacking Labs
Malware Design and Analysis
- [NEW] Books and Articles
- [NEW] Platforms
  - GCHQ’s CyberChef
  - Cuckoo Sandbox for Automated Malware Analysis
- [NEW] Repository
  - InQuest Malware Samples
Bug Bounty
- [NEW] Exploit Market
  - ZeroDay Initiative - TrendMicro
  - Zerodium
CTFs
- [NU]
- [NEW] Tools
  - FRIDA
  - GHIDRA
  - IDA Freeware v7.0
  - Binary Ninja
  - PwnTools
  - PwnDBG
  - WinDBG

Appendix

Hi Mallories,

This post is in response to

Hopefully, for most of you, this course has sparked an interest in Computer and Network Security! and now for those of you interested in pursuing this interest, it’s never too late to start. Security hasn’t been the most publicly available knowledge but that has changed in the recent years given the rise in breaches and the shortage of grey hats.

I’ll attempt to provide a list of resources related to the topics covered in this course and more so you can explore your curiosity! You’ll learn by doing so I’ll provide books and challenge sites. This is a non exhaustive list and the list is unordered.

Social Engineering and Hacker mentality
- Books by Kevin MitnickOnce upon a time, greatest hacker of all times, Kevin Mitnick has a lot of books on how hackers think and act. You can find them here. Personally, these helped me with having the right mindset:
  - https://mitnicksecurity.com/shopping/books-by-kevin-mitnick
- Penetration testing write-upsYou may not understand the concepts yet but reading these writeups can help you see how the attacker thought about the compromise from planning to execution. It’s like gaining many years of experience by just reading technical stories. Not everything will make sense but eventually, it will as you learn more. See the section on Penetration testing.
Cryptography
There are many good books and resources out there for this topic but I’m shy of this so I haven’t really invested time into this field hence, i have nothing to recommend but the site below. However, I can assure that going through these challenges, will point you in the right direction for help and knowledge.
- Crypto challenges and insight by Cryptopals
- Krypton by Overthewire
Network (In)SecurityResources listed here are mostly on offense. But even if you plan to defend, you will learn what to look out for. I don’t specialize in defense so I’m short on resources related to Network Administration etc.
OS & Program (In)Security
Reverse Engineering
Web Application Security
Secure Programming
- Hopefully, while solving and reading about other topics, you learn what’s secure and what’s not. There are book on this but they are language specific.
- Secure Code Review by opensecuritytraining
Forensics
- The art of Memory forensics
- Practical digital forensics
- Android Forensics by opensecurity
- CSC423H5 at UTM
- Network Forensics by opensecuritytraining
- Overthewire Bandit Not really forensics but will teach you your way around *NIX environments
General resources
- Some of these have already been mentioned before
  
  Videos, courses and challenges:
  http://www.opensecuritytraining.info/Training.html
  https://www.cybrary.it/
  https://liveoverflow.com/
  http://overthewire.org/wargames/
  https://exploit-exercises.com/
  https://ropemporium.com/
  https://www.owasp.org/index.php/Main_Page
  
  and lots more..

Combining it all together:

Penetration Testing
- Hack the box:
  Site: https://www.hackthebox.eu/About: You’re required to hack the invite process before you can register. The platform has a variety of Windows and Linux servers available for compromise over VPN.
  Hackers are ranked by number of system accounts hacked (NT\AUTHORITY and root) and regular user accounts. You start as n00b. This hacker rank also comes with some perks. There are also job postings and you can only apply to jobs whose hacker rank requirement includes your rank.
  
  Access to servers is completely free but while attacking a server you may get kicked out or the server may be reset by another hacker if you don’t cancel the reset request in time. I usually have to wait for off hours to work.
  There’s also an in house community. Allowing you to chat with other hackers in case you’re stuck. Your questions have to be smart though, no one would give you the direct answer. If you think Prof. Thierry’s answers were usually indirect, you haven’t met these folks. This is why people there know everyone has earned their stripes. That being said, in this field, talking to someone is better than Google.
  
  There’s also regular challenges on forensics, crypto, exploitation etc. You also cannot find writeups online because that will ruin the fun. My handle on this platform is n33trix. I haven’t been active since May but I’ll probably spend my holiday on here. If you stop by, hit me up :-)
- Pentestit Labs
  Site: https://lab.pentestit.ru/
  About:Registration is free. The platform simulates a cooporate environment and runs for about six months before a new simulation is up. Hacker progress are also publicly announced on their site and twitter. Since the lab simulates a cooperate environment, there is a sense of accomplishment when you own the Admin servers/boxes.
  
  You start as an external attacker over VPN. Starting from the external gateway (the only box you initially have access to) you are required to make it into the Admin network, owning as many machines as possible. This is a sample network map. Connectivity is more stable. There’s community as well and same applies for the community mentioned above. Hacker’s aren’t ranked. Write-ups are posted about 3 months in.
Malware Design and Analysis
- Malware DesignNot many books or resources on the design of malware (how to make/write). However, there’s this (possibly dated book) does a good job. You’ll need to brush up on your assembly skills and knowledge of OS to read this book. Good thing is, if you can analyze Malware, then you can find the recipe to how they work :-). I also haven’t researched a lot on this so there may be some resources i’m not aware of. Be curios but that land in the wrong place.
- Malware Analysis
  Shout out to all the reverse engineers reading binaries on a daily, much respect. Reverse Engineering is not for the faint of heart, so you’ll need to be good with that first. After which, you can explore, the following from OpenSecurityTraining. These courses might have pre-reqs, I find it’s better to complete the pre-req courses first.
  
  1. Malware Dynamic Analysis
  
  2. Reverse Engineering Malware
  
  3. RPISEC on Malware
  
  Books:
  
  1. Practical Malware Analysis
Bug bounty
- Introduction to bug bountyThis is a new step to better security. Essentially, companies release their software or service for hacking and the successful hacker gets rewarded. You will need to report the bug to the company and probably work with them to fix it. Hacker’s are registered, no fowl play. This book will enlighten you further. HackerOne and BugCrowd are example bounty platform. Companies like Google also have standalone bounty programs.
CTFs

After you have trained like a pro, go out there and join a team! All of this is to much work for one person, find a niche you love the most, specialize in it and play CTF games for fun and profit. For more about CTFs, read this and check out CTFtime.org to join a team and play

Best of luck!