Prerequisites for Hackers : What you need to know before getting into hacking!
To be proficient in hacking, you need some prerequisite knowledge. This knowledge includes having a basic understanding of : networking, operating systems (Windows & Linux) as well as coding/scripting. (for the most part :)
Now , in case you are just getting started in this field, I know that must sound like a lot and it might look a bit scary. And this is the part where script kiddies and hackers differentiate .
BTW check out this article to find out how to NOT be a script kiddie
Running a bash script in our freshly installed Kali Linux environment and praying that the system we’re attacking has not yet been patched from the 2003 version is something a toddler can do. No, literally. Truly, there is nothing wrong with experimenting and exploiting Metasploitable 2 . There is something wrong however, when we do not understand what is happening behind the scenes. What was the vulnerability in the vsftpd 2.3.4 service and most importantly, how did we exploit it? Those are the kind of questions to which we should have instantaneous answers.
That is the importance of getting our foundational knowledge steady before we dive into these fancy topics like hacking. So , let’s dive into each and every category I think you should be pretty familiar with before you start learning “hacking” .
Networking
There is no doubt that networking is one of the most important topics we should be familiar with, if we want to be proficient in infosec.
Everything that we do on the internet, or even on a LAN (local area network), is possible because of computer networking. It is very important to understand the following topics in networking :
- IP addresses
- TCP & UDP
- Three-way Handshake
- Common ports
- Common services and protocols
- OSI model
- Subnetting
In my opinion, these are the most important to know . There are of course other things, like DNS , DHCP etc.
Here is a completely free course that preps you for the Network+, a certification for basic networking knowledge :
If you go through this course, I’d say you have enough knowledge to move up the learning ladder.
Operating Systems
This one should be a no-brainer. Every computer needs an operating systems to, well, operate. The most used operating systems in the field are Windows and Linux. So, you will need to have a very good understanding of both.
Linux
Some cybersecurity content creators,mentors,professionals or whatever might recommend you to invest in courses,books or something similar to that . Personally , my biggest advice to you is to download a version of linux, whether that’d Kali, Ubuntu, BlackArch, doesn’t really matter (Debian or Arch should be the choice since most of our tools are supportive of them, but it’s up to you to make the decision), and literally just start using that operating system. At first, it would be a mess, but you will progress MUCH faster than if you were just reading a book.
Now when I say this, I don’t mean to discredit books or courses. They should be an add-on. Watch youtube tutorials, or if you are willing to pay, watch courses and read books WHILE actually using LINUX. It is very crucial. Linux for me was love at first sight. I really loved the way the kernel functioned, the open-source ideology and really everything about it. And I think this helped me learn the command line extremely fast. For me, the terminal felt like home after maybe a few weeks of using Linux.
So to recap, ACTUALLY install a Linux distribution, watch tutorials and use the command line A LOT. If you want to change the name of a simple txt file, don’t use the GUI, use the CLI. It is very crucial!
Windows
Good ol’ Windows. Everybody has used it. Probably most of you still use it. You should already be familiar with the Windows environment.
The things you need to further learn about Windows, are the common services used , such as WMI, RDP, Kerberos, LDAP, SMB,WinRM . (these are mostly common in Active Directory -> we’ll talk about AD in the sequel article to this).
Another thing you should know is again, the command line. During pentests/hacking, you’ll land on Windows machines, but it won’t be the familiar GUI experience, it would be a beautiful shell that would probably look something like this :
So, you will need to learn how to use the OS , from CMD. Similarly to how we would use linux , from the terminal.
After getting comfortable with the command line, a little bit of powershell is never wrong. Powershell is a very nice and practical scripting language. This is not necessary, but it would be a nice skill to add .
Coding
Finally, coding. What powers everything we do digitally. You do not need to go crazy on this one. Just simple scripting knowledge should be enough for you.
The important aspect here, is to UNDERSTAND code. You do not need to be a professional software developer to be a good hacker. You just need to be able to understand what code does. Basically be able to read it.
A good starter language, is good ol’ Python. Definitely my favourite language, and a very good one to start your coding journey. Personally, I do know how to code. The reason for this was because I wanted to create my own malware and maybe even exploits (I haven’t really gotten into any fancy exploit development apart from some basic Buffer Overflows just yet). But primarily , I learnt to code to be able to design my own hacking tools and malware. I really love creating my own functions , and really making malware undetectable, just for my work.
Like I said, you don’t need to learn how to code, but just be able to read and understand it would be enough. Keep in mind, there might be some job duties that will include code review. So, this is why you really need to understand it. You will find that sometimes you’ll come over some leaked piece of code, or maybe just an open source program, and discover vulnerabilities just by understanding what the code is supposed to do, and spotting where the weaknesses are.
Conclusion
In my opinion, these are the topics you need to have at least a basic understanding of before you jump into the world of hacking.
A bonus TIP for reading all the way through the article -> After you finish learning about all of these topics as your prerequisites for hacking, check out this free course by Professor Messer that will get you started into the world of Security. (just the basics of security before the really techy stuff)
That was it for this article, stay tuned for the sequel, in which I’ll be going over the hacking resources you need to check out!
