Basic Hacking for beginners(Part 1)

If you’re a beginner and you have interest in learning the basics of hacking, what hacking is all about, and how to go about surfing anonymously.



You’ve come to the right place.

basic hacking for beginners


I'm gonna break it down in the below contents


  1. About hacking
  2. How hacking started
  3. Types of hackers
  4. Hacker terms
  5. Choosing which to become
  6. How to stay anonymous
  7. Protecting yourself


Disclaimer: this post contains affiliate links.


 What is hacking?

In computer networking, ‘hacking’ refers to any technical attempt to influence the standard behaviour of any network connection and connected systems.  

A hacker is any person engaged in hacking practices. The term ‘hacking’ traditionally means any intelligent, constructive, technical work that was not essentially related to computer systems.


Today, however, hacking is often related to malicious programming attacks on the Internet and security networks.


How and where did hacking originate?


M.I.T. Engineers in the 1950s to 1960s first popularized the word and concept of hacking. Begining at the model train club, then in the mainframe computer rooms, the ‘hacks’ pulled off by these hackers were meant to be harmless tech experiments and cool educational activities.

In later years, outside of M.I.T., others began applying the term to less principled pursuits. Before the Internet boomed, for example, several hackers in the U.S. and beyond experimented with methods to alter telephones for making free long-distance calls over the phone network illegally.

As internet and Computers exploded in popularity and status, data systems became by far the most likely common target for hackers.

What are the types of hackers?

basic hacking for beginners


To efficiently describe hacking, you need to first understand the concept “hackers”. 

One can easily presume them to be highly intelligent and skilled in computers. In reality, breaking a security system needs more intelligence and proficiency than actually creating one.

Lots of people desire to be hackers these days. Most of them neither know where to start nor the type of hacker they wish to be. If you’re among those guys, I say howdy sir. It does us lot of good to have some extra stuff in our knowledge bank.

So now, let’s start with the basics of hacking for beginners, by grasping and understanding the different types of hackers. Although there are mainly 3 types of hackers, I have decided to add some extra juice.

Read em up!



Black Hat Hackers(BHH)

This category of hackers is widely known as "crackers". The hackers in this subcategory are always tempted to gain privileges of someone’s system without proper authorization or permission.

Usually, these people work individually for their own gain. In some scenarios though, some might decide to form a team, only so they can be deadlier, and their impact causes trouble to a greater extent.

Their activities often include D-DOS attacks on websites, Identity theft, Vandalism, Site Defacing, and so much more.

You’ll get to know more on these terms in the following tutorials.



White Hat Hackers(WHH)

In contradiction to Black hat hackers, this category of hackers are life-saving angels to many individuals and organisations. They are also referred to as "Ethical Hackers". In fact, Ethical Hacking is considered a career in today's world for many.

To be an approved WHH, you first need to be certified. Though most WHH doesn’t really care about certification. That is because they already know they’re great in what they do.

To be more specific about what White hat hackers do; they perform security tests on different systems with proper authorization which would, of course, be definitely illegal if, in any way, the hands of a Blackhat hacker gets involved.

Grey Hat Hackers(GHH)

As you can probably picture, these are those categories of hackers hacking for both good and bad.

According to some definitions of a grey hat hacker, when he or she finds out vulnerabilities, they wouldn’t tell the vendor ways to exploit it. Rather, he or she will demand to be paid some fees to fix the problem.

However, such practice tends to decline with time due to the willingness of organizations to prosecute.

Another interesting definition of grey hat maintains that GHH perhaps only violate the law in an attempt to improve security.

GHHs usually do both black hacking for their malicious intentions, as well as white hacking with good intentions. They help but have potential to harm. The majority of Hackers fall into this subcategory.


Which One Should I Become?



If you ask me, I’d definitely advise against BHH. But you don't have to listen to me. What you need to know though, it’s always better to know what you are getting into. Hackers sometimes get caught and prosecuted according to the law.

Your best bet is to keep on learning until you gain some good knowledge, and know how to remove all traces of your hack.

There are different potential traces (like logs of the system you hacked, your information that got captured by the hacked system etc) that may lead an expert to pinpoint the handcuffs on your hands.
The different methods to remove the traces of the hacks will b lectured in the following tutorials.


You might wanna check out how to hack a website

Other types of Hackers


“Wait a sec bruh! I thought you said there are only 3 types of hackers"

Recall I said I’m gonna add a little juice. Well, you now know that there are only 3 types of hackers. But what you might not know is the different subcategories for these types.

Let’s break it down!

Ø  Elite Hacker - A rank meant to describe only the most skilled/ reputed hackers.

Ø  Script Kiddie - Lower rank than the first. This designates someone that tends to use tools made by others to perform stuff.

Ø  Neophyte - A much lower rank that describes a newbie to the world of hacking, and only got very little knowledge on the matter

Ø  Green Hat Hackers - As the name implies, they love green. They hack only for money. That’s all. They bother not with the consequences of their actions.

Do we really need all these labels?

It has always been the norm to label stuff just because it sounds cool. But in some cases, it never truly applies and is very limiting.

A single person can have several goals, each contradicting each other because us Humans are diverse in character. A befitting example I got from someone on Reddit was; 
If someone works as a certified Ethical Hacker and does pentesting for a consulting firm, but then at night he/she writes banking Malware. What is he/she?

In this context, you'll see that such person won't really fit in any of those above-mentioned types of hackers.

To answer the question, NO!. Just be you.



Hacker terms

It's all fun and professional to converse with other hackers either online or in person with specific words only hackers understand.

Sadly most people tend to get lost while trying to spin their head around the so many hacking terms.

I got an email from someone who's willing to learn, so I decided to make a list of some of em here.

Hacking vs. Cracking

Hacking truly applies only to actions having good intentions, while malicious attacks on PC/Computer networks and servers are known as cracking.

Most people fail to make this distinction. I don’t think it’s anyone’s fault though, because outside of academia, it’s so regular and common to hear the word "hack" misused and applied to crack.



To skyrocket your dream as a hacker, here are books specially written for both beginners and mediocre hackers I've found to be very helpful.



OK! how am I gonna be anonymous while hacking?

how to stay anonymous while hacking


If you’re planning to be a hacker(not minding the type you choose), then you should be really worried about your anonymity. What should concern you the most gotta be "How to stay Anonymous?".
I’ve compiled a list of some methods to stay anonymous when either surfing the internet or performing some hacks.



Note these literally are basic anonymity techniques, and cannot guarantee 100% anonymity. The more advanced techniques will be brought to terms in upcoming tutorials.



A. VPN

basic hacking for beginners

VPN stands for the acronym, Virtual Private Network. From my point of view, below are some facts that justify its need:

You're gonna be needing some hacking tools

1) Counterfeit the ISP's packet detection measures

This maintains your anonymity by making sure your ISP does not prioritize, inspect and throttle the data going in and out of your system.

2) Keep your IP address anonymous

Prevents the locations your packets are traversing from identifying your connection information details and location.

3) Hides your online activities from third parties. Cool right?

As a VPN supplies a secure tunnel in making a connection to the outside world, it keeps the third parties away from finding your online activities.

4) Not forgetting prevention of location identification and Geotargeting.


No need to go into this. Yeah! The title says it all.

Now to help you kickoff, below are some FREE VPN's that are available.

However, you should note that free VPNs are only for newbies, as it does not guarantee full anonymity.

1.       Cyberghost (Good for Germany)

2.       USA IP 

3.       Free VPN 

4.       VPN Tool (good for US)

5.       SecurityKIS 

6.       Hotspot Shield

7.       ProXPN 

8.       Open VPN

9.       Tor VPN

10.   Its Hidden



B. Proxies


Proxies are some less secure alternative for VPN's. Proxies, however, do the same job as VPN's, as it hides your IP when surfing the internet.

Different types of proxies exist, ranging from a list of less anonymous to high anonymous proxies. One thing you gotta keep in mind is that proxies will not last forever.

The available proxy address tends to change from time to time (which is great for staying anonymous).

Below are some of the Proxy sites that you can use as a starting leveller.

1.       Proxify

2.       Hidemyass

3.       Hidefromyou

4.      Proxy6

5.       Httpsurf

6.      Safersurfing

7.       Unblocked

8.       Proxeasy

9.       Newipnow



C. Virtual Machines


I highly recommend using a virtual machine while doing your stuff. It is perhaps, the best way of testing your exploits without the pain of purchasing a new computer.

This is heaven for White hat hackers because you can use a Virtual machine to test the servers(Remote Administration Tools) without the fear of a breach of your actual working environments.

Below are some of the Popular VM's that you can use.

1.       VMLite

2.       VMWare

3.       Virtual Box



D. Be Easy With Your DOX Info


A common mistake beginners make is to use real-life nicknames, email address, country etc on their slaves. I don’t suggest you do that unless you feel that much confidence.

As you are reading this now bruh/sis, I am pretty sure you’re gonna take my word. Don’t be too overconfident just yet. Don't put any kind of information after you’re done.

There’s a site for Fake Name Generation - Fakenamegenerator which helps you generate some fake profiles. You can get random profiles with lots and lot of information from this site.


Protecting yourself

basic hacking for beginners




If you’re working in a Linux system, do not attempt to work as a root user, especially when trying with new stuff. Else you may compromise your entire system.


You might wanna check out how to install Kali Linux(The hacker's OS)


You can, however, switch to your root user when you know what you’re doing. But beware of the fact that, even if you choose to run the application as a non-root user, the trojan can still work and get the user files/keyloggers etc.

So in my personal opinion, never download untrusted contents especially from small sites, IRC, IM, torrents, warez etc.

Pheew! hope I’m not boring you -). Don’t live yet man.

Now, it is of great importance that you know some of the hacking techniques commonly used to get your personal information in an unauthorized way.

10. Keylogger

A keylogger is a simple tool that records the key sequence and strokes from your keyboard into your machine’s log file. These log files might in some cases contain your personal email IDs and passwords.

Keyloggers are perhaps the sole reason online banking websites tend to give you an option to use their virtual keyboards.

9. Denial of Service (DOS\DDOS)

A Denial of Service is mostly used on websites. The attack is a hacking technique to bring down a site or server by bombarding that site or server with very high traffic that the server is incapable to process all the requests in real time and finally crashes.

For DDOS attacks, most hackers make use of botnets or zombie computers which its only work is to overflow your system with request packets.

8. Waterhole attacks

Are you a big fan of National Geographic channels? If yes, then you should relate easily to the waterhole attacks. To attack a place, in this scenario, the hacker hits the most reachable physical point of the victim.

Example, if the source of a river is attacked and poisoned, it’ll really hit the entire stretch of animals during summer.

In the exact same way, hackers often aim at the most accessed physical location to attack the victim. This could be a restaurant, game shop etc.

Once a black hat hacker spies on you and is aware of your schedule, he might create a fake Wi-Fi access point and alter your most viewed website and redirect them to you to get your personal information.

7. Fake WAP

Maybe just for fun, not necessarily targeting you. A hacker might just create a fake wireless access point.

This WAP will connect to the official public place WAP. Immediately you connect to the fake WAP, a hacker can access your data. Somehow like in the above case.

6. Eavesdropping (Passive Attacks)

Unlike the above attacks which are pretty active. Using a passive attack, a hacker monitors your computer systems and networks to gain some unwanted information.

The motive behind eavesdropping, however, is not to harm the system, but to get some information without being identified.

5. Phishing

In this type, the hacker duplicates the most accessed sites and traps the victim by sending a spoofed link.

Once the victim tries to log in to his account and enters some data, boom! the hacker gets all the private information of the victim using the trojan running on the fake site.

4. Virus, Trojan etc

Virus or trojans are malicious software programs which are installed into the victim’s computer system and keeps sending the victim’s data to the hacker.

3. ClickJacking Attacks

ClickJacking is known as UI Redress to some. In this type of hack, the hacker hides the authentic UI the victim is supposed to click.

In other words, the hacker usurps the clicks that aren’t meant for that exact page, but for a different page where the hacker desires you to be.

Introduction to Trojan

2. Cookie theft

The cookies in a browser keep our personal data such as username, passwords and browsing history for different websites that we access.

Once the hacker gets access to your cookie, he can do plenty things as you. To the extent of authenticating himself as you on any browser.

1. Bait and switch

Using this type of hacking technique, the hacker runs a malicious program which the user think is authentic.

This way, when installation is complete, the hacker gets unprivileged access to your computer.



Let’s call it for today.

Keep in mind that this isn’t close to the end. More parts are coming real soon.

For now, practice what I’ve been preaching.





Subscribe to my mailing list

* indicates required

7 comments:

  1. Replies
    1. Hey Khan, I'm currently working on the second series. Be sure to check back.

      Delete
  2. nice article well written

    ReplyDelete
  3. It is helpful and recommended to the newbie like me. Always, I searched on Google and find another blog. I think who follow's these to Blog, you will able to be a hacker.

    ReplyDelete
    Replies
    1. Thanks Hossain. Continue following this blog and you'll get there.

      Delete