Author Topic: Questions on what I should focus on learning.  (Read 1387 times)

0 Members and 1 Guest are viewing this topic.

Offline Nekron811

  • NULL
  • Posts: 1
  • Cookies: 0
  • I am the darkness before there was light.
    • View Profile
Questions on what I should focus on learning.
« on: September 18, 2015, 12:09:47 am »
Hey guys.
Obviously I'm pretty new to hacking, and the whole scene.
When I was younger, I used some keyloggers to get accounts for an online game I played, so that is about the extent of my experience. I have some questions, hopefully I am posting this in the right section.

I'd like to start by saying thanks for taking the time to read my thread  ;)

The last few days I have been reading a lot about SQLi, XSS, and Website Hacking in general, and it is something I would really like to learn. Like hacking into a website, getting into the database and seeing all the juicy info. Stuff of that nature. Although hacking in general interests me very much, that is what really grabs my attention.

Here are my questions:
1. Where should I start if I want to learn these things?(SQLi, XSS, Web Hacking) By reading some guides online, if so do you have any to suggest? Or is there any websites that are like interactive learning for this? Perhaps a book would be the best way?

2. What are some of the tools I will need? I have SLQi Dumper, Havij 1.17, SQLMap, Accunetic Web Vuln Scanner, and also a few dork scanners, although I don't know how to use any of them :P except a tiny bit with Havij. Is there any tools or software I should still get? (not looking for handouts, I don't mind finding the tool by myself, I ust need to know what to look for)

3. I guess this should have been first, but anyhow, am I too old to learn this type of stuff? I'm 23, and I notice a lot of people seem to have started in their teens, so this is something I was wondering.

4. Are there any tips, or suggestions you may have for someone wanting to start out doing this?

5. Should I focus on one area and get a decent understanding before moving on to the next? Like study at SQLi until I understand it pretty well, then move onto XSS training, or would it be okay to learn both at the same time.

Something else I was wondering, is the 'art' if you will, of SQL Injection, finding XSS exploits and Web hacking called Pentesting? Or is this something completely different?

As I mentioned before, I'm not looking to be spoonfed and just handed stuff. I would however greatly appreciate a nudge in the right direction. Like maybe a small list of the key points I need to learn, or anything that will help me. I don't mind putting in the work, that is what is actually supposed to make it enjoyable.

Thanks for any and all information, help, or input you post.
« Last Edit: September 18, 2015, 12:23:47 am by Nekron811 »

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Questions on what I should focus on learning.
« Reply #1 on: September 18, 2015, 04:36:31 pm »
Learn PHP,SQL,HTML,javascript and some linux.
Then get back to these topics as they will start to make sense, you will review your own question and understand in a matter of weeks/months depending on how fast you learn.
Forget about breaking it as long as you can't make it.
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline Dameon

  • Serf
  • *
  • Posts: 48
  • Cookies: 1
    • View Profile
Re: Questions on what I should focus on learning.
« Reply #2 on: September 19, 2015, 04:58:05 am »
You are never too old to start. I would also advise learning one thing at a time so you get the best understanding of the topic that you can then build out from there

Sent from my SM-N900A using Tapatalk


Offline NLited

  • /dev/null
  • *
  • Posts: 10
  • Cookies: -6
    • View Profile
Re: Questions on what I should focus on learning.
« Reply #3 on: October 18, 2015, 03:26:07 pm »
I suggest you to learn programming. Maybe start with python since it is easier to learn for beginners. Programming because everything that works with electricity is programmed somehow. Also start with penetration testing. Then you should start to write your own scripts and programs. As an example I was interested in learning how to modify apk(Apps) so I went to google and started to learn a little bit about it-->Some words(Smali programming, xml programming or arm programming(for phones)). As an example when you open an apk(phone) in IDA pro to disassemble it you will find yourself in arm code. You see if you want to learn hacking you need to learn how to program. A tip if you want to open .lib (library files) of an playstore game you will need IDA pro same for other .lib files that are not from an apk. If you want to hack something you need to understand how it works. When you decompile an apk you will find many folders but mostly you will only need the smali folders and the (lib files(you will find when you decompiled it)). You can also manipulate the payment process in the smali code in some apks. After you finished with editing you need to recompile the apk and then sign it to be able to install it on android or iPhone. Sorry wrote to much :) . For more info (You know: Google and Youtube).