Welcome to Hacking Re-Coded! This adventure aims to make us a better Ethical Hacker and Programmer. What do I mean by that? Well, we are not going to be creating a new Social Media Site. Instead, we'll focus on coding tools/apps to help penetrate systems and networks. No reliance on pre-existing tools; we'll create our own to gain a deeper understanding. Except for the first few boxes. A few excellent tools like WireShark and Burp will be used as this will help clear any confusion around protocols as we move along.
Hackthebox/TryHackMe/ even our Home Lab will be our training ground, preparing us for careers as Ethical Hackers and Penetration testers. A Penetration test, or "Pentest," involves authorized attacks on computer systems to identify vulnerabilities and strengthen security. Why would someone approve of this approach? Actually, it's a proactive method for enhancing IT security. By simulating a breach from a Black Hat perspective within our own networks/systems, we can identify vulnerabilities and promptly remediate those areas. It's essential to remember that Cybersecurity is a multi-faceted challenge with various aspects to consider, and this approach is just one of the effective strategies to address it.
Don't consider the series/tools as reinventing the wheel but rather gaining a better and deeper understanding of the tools we use daily.
We'll follow the crawl-walk-run method, starting slow and gradually building coding techniques, like Threading/Multiprocessing and networking concepts. Network programming and protocol breakdowns will be a major focus.
Programming can be intimidating, especially in the hacker space, but fear not! We'll go into detail with heavily commented code, and I encourage you to code along and add your own tweaks. Only the terminal will be used, no GUI distractions.
We'll primarily use Python, but we won't shy away from other languages if given the oppurtunity as each is unique in their own way! A new twist awaits with Functional Programming and my favorite language, Haskell. This hold the library Hakyll, which is the static site generator powering this blog. Get ready to dive into the world of ethical hacking and coding!
What does a Hacker's toolkit look like?
| Port Scanners | Recon Gadgets |
|---|---|
| As a Hacker; port scanning is something we should become familiar with as we will be performing reconnaissance to fingerprint the target to find ports/services and other useful info. | Recon gadgets will consist of quick tools/scripts to help automate the process of information gathering such as if FTP/SMB have anonymous access allowed. |
| NetBear TCP/UDP Network Utility | Web Server Mapping |
| Our Netcat lookalike NetBear will be our own version to read/write to and from TCP/UDP sockets. Who doesn't love Bear's!!! | When dealing with Web apps we want to know hidden details so we will attempt to map the service like Directory Mapping. |
| Web Proxy | Online/Offline Username/Password Bruters |
| Moreso we need a way to intercept web traffic for analysis and fuzzing data; our Web Proxy will take care of that! | A way to automate username/password spraying. Offline cracking on local machine and Online web portal attacks. |
| Debuggers & DLL Injection | Windows/Linux Priviledge Escalation |
| A few machines will give us the oppurtunity to debug applications allowing us manipulate all sorts of different things including DLL Injection. | Once we gain initial access, we want different tools/scripts to help automate or at least help point us in the right direction for escalating priviledges. Scripts like WinEnum/LinEnum. |
This only scratches the surface...
