Want to hack computers? But what is hacking and how do people learn it?
Here’s a vetted list of resources to learn computer hacking. Starting out is hard work, so that’s why I’ve put this list together, to help demystify hacking for you.
The good news is anyone (including you) can learn to hack, and in even better news, it’s a lot of fun. All you need is effort and time, most of the resources are completely free.
Disclaimer, approx times and prices are included for each resource, check links confirmation. Start with the fundamentals, otherwise, there’s no particular order, learn how you like.
If you don’t like goal setting or mindset stuff, feel free to skip to Fundamentals, but it’s worth setting your expectations. Learning to hack is hard work, so start embracing problem-solving, why? Hacking is a series of solving smaller problems to solve a larger problem.
Think about it like this, climbing ladders vs rock climbing. You expect learning to be like climbing up a ladder. Each piece of information is like a rung on a ladder and with each step up you understand it and safely climb to the top – you’re a hacker.
Learning hacking is more like rock climbing. There are multiple ways to reach the top, some are beyond your reach right now, some might be a lot easier. You might spend ages on one track which gets too hard and forces you to go back and start again on another path.
To hack something, you need to understand that thing, so hacking computers can take years. Here are a few tips, 1) don’t quit when it gets hard, 2) be prepared to read a lot, 3) take your time, re-read information, 4) find a good support network, 5) take breaks from studying.
Technology is a massive industry and hacking falls under Cyber Security which is also a massive industry in itself. To stand a chance in this industry, you need skills in basics computing, here’s what’s recommended:
- Operating Systems (OS): Linux (Ubuntu, Kali), Windows, Windows Server (Active Directory).
- Virtualization: Type 1 (Proxmox), Type 2 (VirtualBox, VMWare Workstation, Hyper-V).
- Networking: TCP/IP, DNS, DHCP, IPv4/6.
- Programming/Coding: Web (HTML, CSS, JS), Python, BASH, Perl.
Start with Hoppers Roppers Computing Fundamentals
free, this introduces you to the above areas and most importantly, the Linux kernel. Linux allows the most dominant OSs which run the internet. In order to hack, Linux is a must, so to bounce around while learning Linux, try:
- OccupyTheWeb’s Linux For Hackers
- Linux Unhatched (course notes)
- NetworkChuck’s Linux for Hackers
- My Linux Quick Start Guide
Sign up with TryHackMe, an amazing Cyber Security learning platform and then choose a path. Either the Free Guide for Beginners
free or start the Premium Complete Beginner
costs (writeups Linux Part 1, Part 2, Part 3, nmap, Network Services Part 1, Part 2, Part 3).
Roppers will introduce you to a programming language called Python and the phenomenal book Automate The Boring Stuff
free and Udemy Course
low cost. For more on learning Python, see:
- Zed A. Shaw’s Learn Python The Hard Way
- OccupyTheWeb’s Python Scripting for Hackers
- My Intro To Python
Lastly, take Intro To Computer Science CS50x
free/cert costs, a great way to round out everything you’ve learnt so far. There’s approx
~300hrs of learning, almost all free gearing you up for Cyber Security.
Capture The Flags
Practice your hacker skills in Capture The Flags (CTFs), gamified lessons based on real tech. They range from downloadable files and quiz-like questions to remote VMs you need to break into. CTFs are designed to teach you important skills while creating a fun, competitive environment. For more, see What Is CTF?
Roppers Fundamentals introduced you to OverTheWire’s Bandit free a free beginner CTF (writeups 0 – 4, 5 – 10, 11 – 15) start here. Then tackle some PicoCTF free (writeup) to keep practising. Head back to TryHackMe and follow their Complete Guide
free (writeups Rootme) before starting Roppers Intro To CTFs
free and Networking with CTFs
free. Check out VulnHub
free to download vulnerable VMs, it’s a good intro to homelabbing, more on that soon.
Now you’re comfortable with CTFs, check CTF Time
free to find live in-person or online events at your skill level. Some CTFs are team-based, but if that’s too daunting, you can always tack solo CTFs. Check out PicoCTF
free and Trace Labs
Roppers Fundamentals introduced running an Ubuntu VM, your homelab has begun. Labs are playgrounds for testing and experimenting, using virtualisation software known as hypervisors to replicate real networks and computing technologies.
Hypervisors are classed as either Type 1 bare-metal or Type 2 applications, for example, VirtualBox, Hyper-V or VMWare Workstation. Do some research to find which suits you, I recommend starting with VirtualBox.
Since you’re spawning VMs on your host computer, be aware of your hardware limitations such as CPU, RAM and HDD. For a basic attack box, use Kali
free with at least a 2 Core CPU, 4GB RAM, and 20GB HDD.
From here on out it’s up to you, see CyberWox Home Lab or da667’s Building a Virtual Lab which covers pfSense
free, Security Onion
free eval, Ubuntu Desktop
free, Windows Server
free eval, Windows Desktop
free eval, Splunk
free dev and VulnHub machines
free. Requires 8 core CPU, 16Gb RAM and 500Gb HDD.
It’s good if you can have a dedicated lab system like an old laptop or gaming PC, for more, see Guide To Homelabbing. If you’ve never built a computer before, it’s a great practice to buy parts yourself and assemble them, for help see How To Build A PC.
In order to stay focused while learning, not to mention keeping up to date with the ever-changing field that is Cyber Sec, find some good communities.
These are the guys and gals out there, other students on the same path or experts who have been in the field for years. Learn from others, always, plus, all of your courses, CTFs and labs get exhausting, so break it up.
- Darknet Diaries: podcast, Cyber Sec/Crime stories.
- John Hammond: video, CTF walkthroughs and hacking tutorials.
- LiveOverflow: video, CTF walkthroughs and hacking conferences.
- Seytonic: video, Cyber Security news.
Worth checking out:
- Chris Titus Tech: videos, Linux and Networking.
- ComputerFile: videos, technical topics.
- CS50tv: videos, computer science, interviews and lessons.
- Custodian Data Centres: videos, networking and work inside data centres.
- DarkSec: videos, CTF walkthroughs and Cyber Security presentations.
- David Bombal: videos, programming, networking, hacking and more.
- Day Cyberwox: videos, cloud, networking and certifications.
- DFIR DIVA: articles, Cyber Security, forensics and hacking.
- FreeCodeCamp: article/video, programming, networking and more.
- Hak5 – videos, hacking hardware.
- Hackers Arise: articles, hacking, hacktivism, Cyber Security.
- Jeff Geerling – videos, hardware/networking projects.
- Jim Browning – videos, phishing scams and cybercrime.
- Kalle Hallden – videos, python programming and Linux.
- NetworkChuck – videos, Linux, hacking/networking.
- Professor Messer – videos, networking and certs.
- Samy Kamkar – cyber sec professional.
- STÖK – videos on bug bounties and hacking.
- TechnoTim: videos, homelabbing, open-source and networking.
- The Cyber Mentor – videos, hacking, Linux and python.
- Trace Labs – podcast/videos, OSINT hacking.
Think about the countless people who provide malware analysis, training walkthroughs, CTF boxes and much more. How can you give back to the amazing community?
Start a YouTube channel, write a blog, set up a podcast or sign up for Twitter and share for others to learn. If you need help, see #100DaysOfHacking for more.
There are a few benefits to sharing your journey, 1) help people, 2) better understand things, 3) meet people, 4) increase luck surface area, 5) nurture other skills, and 6) make yourself accountable.
Thanks to LiveOverflow’s Guide to Learn Hacking, Simply Cyber’s Free Resource’s, Roppers Things Worth Doing and Roadmap. Here’s more I need to spend time with CyberDefender, Let’s Defend, Security Blue Team, Hacker101, CTFLearn, Cybrary, and PentesterLab.
This is days 5, 11, 16, 32 and 44 of #100DaysOfHacking on the Hackers Learning Path. Subscribe for CyberSec updates or read more, happy hacking.