Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
R-C-D160066y@CodePatronus cool man !!!!
Tell me! Where to go? What to read ? Did you broke into NSA? -
Learn operating systems and protocols back and forth. Can't exploit any system unless you understand exactly how it works.
-
@R1100 probably windows, since most of enterprise uses Microsoft. But the low level concepts are more important than a specific operating system. I'd recommend some system programming at the same time, that helps cement that knowledge.
-
R-C-D160066y@segfault0xff i have a question
Win is closed source so you meant mastering using it? -
Condor324966yData sciense.. Algorythm.. lotsa crinse :')
That being said, I've mentioned it in the other rant as well. Curiosity! Curiosity about the inner parts of whatever you can get your dick beaters on. Take a peep under the skirt, and see how she works. First time is always scary.. all alone, in the dark.. but once you get the hang of it, it'll become much more familiar. Also there's no shortcuts. To really become good at your craft, there's only the hard and proper way. Oh and refrain from cringe posting about this or that hack. If you're only in it for breaking into shit from others, I can not help you and do not have a desire to do so. If however you're looking to learn, start by setting up a lab environment if you haven't done so already, and have a look on Null Byte for some things you can do in the lab. I'd put in this lab some WanBLowS target VM, Metasploitable perhaps for learning how certain tools work, and another pentesting VM that you'll be conducting your attacks from. From there on, it'll probably grow over time. Using a separate network and bridging the VM's connections may also be helpful.. but that requires networking experience and a dedicated virtualization host of course. Something like Proxmox.
Edit: whoops, didn't read the whole post. Exploits, hmm.. well reading the source code of existing ones helps, and looking for vulnerabilities in the programs you're looking to write an exploit for. I'd say low level programming languages, particularly C as well as Assembly for reverse engineering. -
R-C-D160066y@Condor yess !
I've got a small homemade lab of different os and perform my attacks from a kali systems.
But still only usy scripts written by others and that is what really bothers -
Condor324966yOh and vulnerability disclosures! Take BlueBorne for example, excellent paper but no public exploits have been written for it so far.
-
Condor324966y@R1100 Well yeah, I'd be bothered by that as well :P
If you want to write your own scripts, maybe you'll want to look at what they use under the hood.. TCP sockets, certain algorithms to generate wordlists, you get the idea. Take ncat or even plain nc which is the little brother of nmap. You can write your own scanning scripts for that, to e.g. look only for certain ports to reduce your reconnaissance footprint. Things like that maybe. Python and Bash are good languages for quick and dirty scripts like that. -
Condor324966y@R1100 Of course! You'd be surprised how simple yet overengineered some stuff out there is.
Hey hackers! It's me again 😀
If I wanna be an awesome pentester / bug hunter , what should be my main focus?
Network?
Data sciense?
Algorythm?
Low level programming?
I've already passed network + and basics of ccna and I already know pentesting using kali and I know c and python as well.
Just not sure where to go next and keep using kali packages makes me feel like a script kiddie (which is aweful 😬)
Dreaming to be able to write my own exploits and have my own 0day bugs👑
Thanks for any recommandation you would
rant