Other stuff - Beginners guide to hacking and penetration testing (2017)


Other stuff:

In this section we will look at good programming languages to learn and Capture the Flag (CTF) sites, talk about the darknet, and cover some useful browser plugins.


Learning a programming language, though not necessarily a "have to know" for beginner hackers, can help you go far in the future. Knowing how to program your own exploits and understanding how a program works, in order to exploit it or troubleshoot it, will go a long way. While there is no single must-know programming language, my personal recommendation would be to learn at least one of the following:

Python: https://www.python.org/

Ruby: https://www.ruby-lang.org/en/

C: http://www.cprogramming.com/

Teaching a programming language is beyond the scope of this book; however, one great resource to learn from can be found for free at: https://automatetheboringstuff.com/

CTF and other sites to practice:

As they say, practice makes perfect, but other than our own virtual labs, how do we practice in a safe environment? There are a number of places that can help you to this end.

Capture the Flag:

A capture the flag (or CTF) scenario is a unique opportunity to put your hacking skills to the test by performing certain goals in order to capture flags. These can be competitions between single contestants or teams, or even "when you want" scenarios where you are not running against the clock. The complexity of these CTFs varies, so be sure to check to find one that will meet your expectations and time. Below is by no means a complete list, but one to get you started:

Time Based/Annual CTFs:

Defcon: https://defcon.org/html/links/dc-ctf.html

CTF365: https://ctf365.com/

SANS NetWars: https://www.sans.org/netwars/

SANS Holiday Hack Challenge: https://holidayhackchallenge.com/2016/

Anytime CTF and practice sites:

Picoctf: https://picoctf.com/

Hack This Site: https://www.hackthissite.org/

Pwnable: http://pwnable.kr/

Facebook CTF: https://www.facebook.com/notes/facebook-ctf/facebook-ctf-is-now-open-source/525464774322241

Over The Wire: http://overthewire.org/wargames/bandit/


The darknet, also known as the deepweb, is essentially the part of the web that is not indexed (meaning its sites will not show up on a normal Google search). In order to access it you will need Tor and an onion link to browse to. A list of hidden links can be found here: http://hiddenwikitor.com/ Now it is important to note that browsing the darknet can be extremely dangerous, and caution should be used if you decide to browse it. While not all sites are bad, there is a huge amount of dangerous dealings handled here, such as drug trading, prostitution, hitmen for hire, etc. Also, browsing the darknet may raise the suspicion of law enforcement.

Browser Settings and Plugins:

In this section we will look at browser settings and plugins that not only help keep you safe online, but also give you a suite of tools to help you get around in your reconnaissance. This is by no means a definitive list, as tools will always change in terms of which ones are still updated and which new tools appear, and it will also depend on your own personal needs. The tools listed are the ones that I personally use and find very useful when added to some of the other tools mentioned in this book. Also, the tools listed are Firefox applications; they may also be available for the Chrome browser (you will need to check).

Program list:

Lightbeam: A visual representation that shows you who is tracking you: https://www.mozilla.org/en-US/lightbeam/

HTTPS Everywhere: Sets your web searches to https by default: https://www.eff.org/https-everywhere

Fireshot: Screenshot program that can output to a PDF: https://www.getfirebug.com/

No Script: Prevents scripts from running. It also gives you granular control over which scripts can run: https://noscript.net/

Firebug: HTML inspector and JavaScript debugger: https://www.getfirebug.com/

Disconnect: Privately search the web: https://disconnect.me/

DownThemAll!: Mass downloader: downthemall.net

Resurrect: Resurrect dead web pages: https://trac.arantius.com/wiki/Extensions/Resurrect

Foxy Proxy: A simple on/off proxy switcher: https://getfoxyproxy.org/

Self-Destructing Cookies: Protects against trackers and zombie-cookies: https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/?src=api

This is soooo much work….

So clearly that is a well-rounded set of tools to start with or use, but isn't there an easier way to load up on a ton of really cool tools without having to add each one, one at a time? There is an easier, more efficient way to load a ton of cool tools, especially if we loaded Buscador into a VM, or if we fired it up as a live CD with internet access. For the following tutorial we are going to assume that you have it loaded in a Virtual Machine already and launched it.

Start up Buscador; the password is: osint by default.

Open up Firefox, click on the Open menu option (The 3 lines in the upper right hand corner) and select


Click on Sync on the side and Sign In. If you don't have an account go ahead and create one.

Next Steps:

From here, all of the bookmarks and Firefox plugins will sync to your account (in addition to pre-existing ones that you may have created). Simply go to your other computer and repeat the process to sync your bookmarks and plugins over!