Top products from r/Hacking

Alright for hacking... It's a LOTTT of stuff you'll need to learn, everything from hacking wifi, hacking websites, cracking passwords. But really all a hacker is, is someone who knows the system so well they can exploit and break it.

What kind of people are hackers/pen-testers?

Unless your job title is literately "red-teamer, or pentester" then "hackers" are usually security researchers, white hats, security analysts, hobbyists, people who tinker around. But really all hackers are, are computer nerds who love this stuff, this is what we live for. So just don't do anything stupid and don't do anything illegal.

Here is some of the big areas you'll need to learn:

Networking / Network security

Linux / Windows (https://linuxjourney.com is amazing) I learned a ton by creating my own custom Debian based Linux Disro.

Forensics

Cryptography / Stenography

Malware / Malware analysis

System hardening / system security

Privacy techniques (Being safe, Tor, Tails, what you share on social media)

Exploiting services, exploiting machines

Wireless attacks (WEP, WPA, WPA2)

Common vulnerabilities, and exploits

How to use google. (Like dorking, Shodan, using online resources)

Maybe some basic python and scripting

Basic security concepts like NIPS, NIDS, SIEMS, mitigation, security policies.

Common ports and services (You can find flashcards on Quizlet)

https://www.cybrary.it/course/intro-to-infosec

https://www.cybrary.it/course/kali-linux-fundamentals

https://www.cybrary.it/course/ethical-hacking

https://www.cybrary.it/course/comptia-aplus

https://www.cybrary.it/course/comptia-902-2018

https://www.cybrary.it/course/comptia-network-plus

https://www.cybrary.it/course/comptia-security-plus

https://www.cybrary.it/course/comptia-cysa-2018

https://www.udemy.com/pentestplus

https://www.udemy.com/ccna-on-demand-video-boot-camp

https://www.youtube.com/watch?v=wBp0Rb-ZJak (The Complete Linux Course: Beginner to Power User)

Also check out

https://www.youtube.com/user/professormesser

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q (Hackersploit)

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w (LiveOverflow)

https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd (Messer, Networking)

https://www.youtube.com/watch?v=vrh0epPAC5w (Animated full Network+ course)

www.reddit.com/r/netsec

www.reddit.com/r/netsecstudents

www.reddit.com/r/comptia

www.reddit.com/r/linux

150 dumped full courses for free

-https://pastebin.com/j0WVfDif

(my favorites)

http://www.mediafire.com/download/2kczrn29gt6fdp3/Introduction+to+Firewalls.rar

http://www.mediafire.com/download/mnulcdbw817f9q0/Metasploit+Basics.rar

http://www.mediafire.com/download/lhajdkufn9oi5ta/Cisco+CCNA+Security%3B+Firewalls+and+VPNs.rar

http://www.mediafire.com/download/yraijpmuzoa1zpn/Cisco+CCNA+Security%3B+Introduction+to+Network+Security.rar

Practice the skills you learn with CTF'S (Capture the flag)

https://www.hackthebox.eu

https://www.hackthissite.org

http://overthewire.org

https://picoctf.com

https://www.vulnhub.com

http://www.dvwa.co.uk

https://pwnable.tw

Start researching and studying for certifications, COMPTIA, CISCO, REDHAT

https://certification.comptia.org/certifications/security

https://certification.comptia.org/certifications/cybersecurity-analyst

https://certification.comptia.org/certifications/pentest

https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-routing-switching.html

The intro/easy certs are

Comptia A+ (Hardware, basic computers stuff, cables and stuff)

Comptia Network+ (Networking, network topologies, types, subnetting, vlans, dmz's)

Comptia Security+ (Malware types, threads, attacks, policies)

A bit hard and better certs

Cisco CCNA Cyber ops

Comptia CYSA+ (Security analyst stuff, the security+ but much more in depth)

Comptia Pentest+ (Pentesting tools, methodology, steps, ect.)

eLeanSecurity eJPT (junior pentesting cert)

ecouncil CEH (Good for DoD jobs, kinda outdated tho, hacking stuff)

Now it gets pretty advanced

Comptia CASP+ (advanced methods, concepts, techniques regarding security)

OCSP (Oooh the cool kinds have this one, pentesting galore < msut have)

Comptia CISSP (HR and people love this one, high level cert)

GPEN

GIAC

My recommended pathway is Security+ > Cysa+ > Pentest+ > CEH > CASP+ > OCSP > CISSP

Here is Comptia's recommended pathway .PDF

Start to learn a programming language

Python is highly recommended for people who are looking for a first language because:

It’s easy to learn.

It’s great for scripting.

It can be used for just about anything.

https://www.python.org

https://www.youtube.com/watch?v=rfscVS0vtbw (4 hour nice intro to Python course)

Depending how deep you go you might need to learn C and or Assembly, both are commonly used for malware analysis, reverse engineering, binary exploitation, and exploit development. This also will require you to learn things like GCC, GDB, IDA, Hopper, and all the fun stuff. But this can be really really hard to learn, but is incredibly rewarding.

I can always recommend the Red team Field manual.

https://www.amazon.com/dp/1494295504/ref=cm_sw_r_cp_awdb_t1_2cXvCbPQCA1NC

Some nice cheatsheets I have printed out.

https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

https://blogs.sans.org/pen-testing/files/2013/10/NmapCheatSheetv1.0.pdf

https://www.loggly.com/wp-content/uploads/2015/05/Linux-Cheat-Sheet-Sponsored-By-Loggly.pdf

If you are interested in learning technquies and want to pratice in a safe and secure environenment I would suggest the use of VMWare. This allows you to install operating systems on virtual machines that work just like standard computers. From there I would suggest use Backtrack 4/5 and start looking at some of the tools pre-installed. VMware also has the added advantage of being able to handle multiple types of networks at the same time. This includes Bridged(the network on the guest OS appears on your Lan), NAT(This acts like a system behind a router requiring port forwarding and other techniques), and Host-Only.

There is also a book I really enjoyed on some of the finer points of hacking called Hacking: The Art of Exploitation. I feel this book does a great job in teaching the concepts behind buffer-overflows, memory mapping, networking, and cryptography.

As far as hacking into particular operating systems, Windows XP SP0 is vulnerable to MS08_067, so if you can manage to obtain an early version of XP. Metasploit which is built into Backtrack has this exploit already loaded.

VMs are the best way to go btw. What are the specs of the system you tried it on?

Wow, it's really encouraging to see people new to hacking actually following the right path. Far too many people disassociate hacking with what it truly is, but you're not one of them; I see that you've got your answer already, but l feel it's necessary to keep pushing you in the right direction. Good luck in your endeavours :)


Some neat resources for someone interested in Binary Exploitation:

Smash The Stack


And a few books:

Hacking: The Art of Exploitation

The Shellcoders Handbook


I've got both of these books and a few on ASM, so I can vouch for them (as can their reviews and ratings).

Happy Hacking

Buy a decent book on pen testing using kali. A great starting point for beginners: https://www.amazon.com/Basics-Hacking-Penetration-Testing-Second/dp/0124116442

I'm 30 years old and currently working 30% in pen testing, and 70% with developing electronic warfare systems at the most reputable cyber security company in Scandinavia. I wish I had found this interest at your age! If you put some effort into it and have a genuine interest in the field, the possibilities are truly endless.

It might be a boring answer, but seriously.. Read! Don't get stuck playing around with tools, but read up on the subject as well. The book I linked is a very easy read, and will get you started with the practical aspects very quickly. Once you have the basics down you might also want to check out "The Hackers Playbook 2". If you find reading tedious I suggest enrolling in a course on udemy.com, that way you can alternate reading with video lectures.

Good luck! The industry needs more young and hungry minds :)

I read this book, it is an amazing one however it is pretty big and might be hard for you since you are not advanced as you said.

On my opinion, I highly recommend this book

https://www.amazon.com/Basics-Hacking-Penetration-Testing-Second/dp/0124116442/ref=sr_1_18?ie=UTF8&qid=1481534935&sr=8-18&keywords=hacking+books

It is easy to read and follow. And the way the book was written makes you never stop reading, I promise. (: good luck on you education my friend I hope this helps.

hi, i'm totally NOT an expert, but it's almost a year that i'm trying to study security on my own.

As other said, it will be very useful know programming like python, but also (the very hated)Php it's a plus to know.

It's also a must now REST communication and networking in general

i found this book very useful https://www.amazon.it/Hacker-Playbook-Practical-Penetration-Testing/dp/1494932636/

also there are a lot of useful video on youtube!

goodluck, mate

I'm gonna try to give you some real advice, instead of shitting on a newcomer.

First, you really gotta know your systems. You're a software developer, but that doesn't mean you have experience in assembly. Learn assembly. Pick up books on it. Know how overflows work, etc. Also, get a vulnerable system, and start practicing the exploits given to you in Metasploit. Once you feel comfortable exploiting a certain vuln, look at the code for that particular exploit. Learn how it works, what it exploits, etc. Get comfortable with the language.

You also have to figure out what type of hacker you want to be. Do you want to be specialized in host, or web app, network, etc. It really depends. You obviously don't have to pick a specialization up front, but it should guide you on the type of material to learn. In all, it comes with practice. I will copy/paste exactly what I told someone else who asked a few days ago. I feel the list I put together below will get you started.

Offensive Security has some great material for you to browse, and even some lab environments to work in. Read up on Metasploit and OWASP get comfortable with a linux command line, python scripting, and powershell if possible. Other than that, attend security conferences, learn from books, (I personally recommend Hacker Playbook 2) and just learn by practicing on vulnerable boxes like Metasploitable and DVWA
Other than that, you just learn by doing it. Get down a methodology, and learn why and how systems are vulnerable. Further down the road, reverse engineering, static code analysis, and other specialties come into play, but I think thats enough info to get you started. If you need anything else answered, or have any other questions, just DM me.

While Metasploit is a good tool, I would advise you to stray away from it until you learn. (I’m ignoring the fact that you rarely use Metasploit for web penetration testing in the real world anyways...)


You can carry out most of web penetration testing with just few tools like BurpSuite (this is the main one), a directory bruteforcer (gobuster, dirbuster, dirb, wfuzz..) and Nmap. These 3 tools should give you initial idea about the web application and its structure. Then it boils down to your enumeration and ability to spot weird or possibly vulnerable behavior. What is considered as “weird” or “vulnerable” behavior? According to OWASP, countless things. They made a whole web penetration testing guide for that reason - you can find it here: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents.


Alternatively, this book (https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470) covers web based exploitation in great depths and I highly recommend you obtain it. It was one of my first books ever and is definitely among my favorites.


Another useful resources:
https://portswigger.net/web-security

https://www.hackerone.com/hacker101


EDIT:
Yes, there are other very specific tools which come in handy such as wpscan or sqlmap. While I don’t mind wpscan that much, I strongly believe one should be able to do a manual sql injection before using sqlmap (therefore avoid sqlmap when learning). This way you understand what is happening behind the green terminal ;).

PS: Sorry for formatting, typed this up on a phone. I’m also pretty tired so please excuse my janky grammar!

I'm the manager of application security and research at a mid-level software vendor with over 400 developers and testers and I want to recommend you ignore all of the more generic advice currently in this thread. As someone with coding experience and interest, you have a unique path to infosec that so many companies want, but find it extremely difficult to hire for.

Any company that ships software has to consider the security of their application - full stop. Most rely on scanners or annual third-party vulnerability assessments for this, but obviously that falls short. They need people who can build security in from an architectural standpoint. Someone who can actually implement the fixes suggested by the above methods, and ideally, someone who can help implement security as an integral part of the SDLC instead of as a bolt-on premise.

My recommendation is to make your way through 24 Deadly Sins of Software Security and The Web Application Hacker's Handbook. If you can understand the bulk of concepts in these two books, you'll be leagues ahead of almost any developer you find yourself up against in a hiring scenario. For the coup de gras, learn about threat modeling. It's a great way to teach other developers and testers security and to build security into any system during design instead of post-release. Check out this book which is actually probably a little too comprehensive, use this card game from Microsoft (it seems silly, but I promise you it works), and watch this talk one of the guys on my team gave at BSides Cincinnati.

If you have any questions, PM me.

There are online forums that provide with tutorials on how to hack certain things, so read those and try them on your own devices or devices you have the permission to attack.

Examples of those forums : [NullByte] (https://null-byte.wonderhowto.com/) and [BlackMOREOps] (https://www.blackmoreops.com/)

Download Kali, load it onto a USB and look at the tools, especially [Metasploit] (https://www.metasploit.com/) and play with port scanners and such. I'd also recommend running vulnerable VM's such as Metasploitable and running vulnerable web apps such as [DVWA] (http://www.dvwa.co.uk/).

When it comes to writing code, Python excells for writing hacking tools. There are books about that such as [Violent Python] (https://www.amazon.com/Violent-Python-Cookbook-Penetration-Engineers/dp/1597499579) and [Black Hat Python] (https://www.nostarch.com/blackhatpython). Im sure there are some about writing payloads and exploits in C, but I cant really remember the names.

If you have any questions, feel free to ask! And remember one thing: Be as creative as you can when experimenting. You'll learn a great deal that way.

Everyone seems to be pretty on point with their responses so I'll just throw some ideas out there that you can look into to maybe find a more exciting vector:

• Track down a botnet command and control infrastructure
  
• Reverse engineer programs with known 0 days to see if you can find said zero day
  
• Look into memory forensics (http://www.amazon.com/The-Art-Memory-Forensics-Detecting/dp/1118825098)
  
• Look into Red Teaming: There are positions out there that not only require you to "hack" an organization, but you have to be able to break into it physically as well
  
• Write some malware that gets past VirusTotal (https://www.virustotal.com/)
  
• If you are into puzzles check out the Defcon badge challenge
  
  Good luck!
  

Start with basic programming, maybe simple stuff like Ruby/Python to get a hang of functions and dynamic programming, then move onto C/C++ and even Java is good start a full language. The best book I think (it is fairly advanced) is Hacking: The Art of Exploitation, by Jon Erickson (http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441). You can find a pdf yourself, just Google. But the book has an explanation on reading the memory process of a program as well as computational and algorithmic thinking, it's really worth a read, even if it's over your head (as it was for me too haha)

What's Possible With Hacking?:

Things are more possible than you think; the more you know, the more you can do (hacking isn't just one thing to learn, it's a combination of different subjects).

Where can I learn about it?:

I recommend try to learn anything you can get your hands on, E-books, videos, etc. You should take the paid online courses later on, once you advance your knowledge.

!!TIP!!: Recommend reading some questions from him https://www.reddit.com/r/hacking/comments/4up17b/i_am_a_lead_penetration_tester_ama/

This book (recommended by a real pentester): https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566

Video on Kali Linux: https://www.youtube.com/watch?v=7nF2BAfWUEg&list=WL&index=3
(i recommend Kali btw, install it on a virtual machine. )

I got all this just from the internet, the internet has all the information you need; just get it from the right places.

(I know basically squat, i am also starting off as of today) good luck!

What you're asking for is kind of silly.... Here's a series that's all about real theoretical attacks though. You're not going to find information on how to steal money from a bank, but you can read books from hackers who have done a lot of interesting things, like a group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines in Kevin Mitnick's book.

Your welcome.
as you i also like the subject.

i found this books to be a good reading:

http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/ref=pd_bxgy_b_img_y

http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_13?s=books&ie=UTF8&qid=1413800973&sr=1-13&keywords=hackers+play

Have a look at this linux distribution
http://www.kali.org/

Is made for pentesting, it might give u a idea of things and in youtube u will find good tutorials about the tools that come with it.

Have fun

This is a really good book that teaches about software exploitation.

It also includes some great stuff on networking, cryptography etc.

I'm ~70 pages in and it's been invaluable as just a programming resource (C + Assembly) and I haven't even got to the exploitation section yet.

I'd recommend checking the amazon preview of the contents page to see what else it contains. (Bonus, it comes with a linux livecd to help you replicate all the results in the book)

I REALLY enjoyed the "Stealing the Network" series. The final books is especially good. It's a collection of realistic hacker stories/scenarios that all revolve around one main plot. The hacking focuses on being accurate while also outlandishly awesome. here's a link to the series on amazon: www.amazon.ca/gp/aw/d/159749299X
I'm on mobile so that's the best I can do for now..

Let's get down to buisness.

First off you need to start with your wireless card. What operating system are you running on? Kali Linux is a great OS to run off a thumb drive (Or Nexus, Or rasperry pi even) and it comes with all the programs you need to get going. The card you have needs to support monitor mode and packet injection in order to crack a pass. I know that the TP-Link TL-WN722N works well for this. Find a site to check the model of your current card and look for monitor mode capabilties and packet injection support.

Next we need to boot into kali linux. Kali has a fantastic amount of programs for you to use and im going to leave it up to you. It's a matter of preference. Also worth noting, in a unix terminal the command
ifconfig
can find the name of your wireless adapter (wlan0, wlan1, ect ect).

You wont have any issues trying to crack a password which is protected by WEP but WPA might give you some difficulty. Also dont forget to slow down and take some time to learn about what you're really doing! Thats the only way to really learn. Hope this helps.

Aircrack is safe but you will need a wifi card capable of packet injection. In Aircrack, you can isolate a single wireless network and send deauth packets. Which de-authenticates devices which are connected to that WiFi network. Essentially, they are disconnected. You can deauth for a short amount of time or let it run indefinitely.

Alfa makes some pretty good wireless cards.

https://www.amazon.com/Alfa-Long-Range-Dual-Band-Wireless-External/dp/B00VEEBOPG/ref=sr_1_3?crid=2U5GVB6F1JKU9&keywords=alfa+wireless+adapter&qid=1556828344&s=gateway&sprefix=alfa+wire%2Caps%2C185&sr=8-3

Start with learning computer systems, networking, and Linux. You need to be able to at least read computer code, know how data flows between computer networks, and how to do things in Linux. Here are few links to get you started:

First and foremost, basics and free stuff:

Intro to Linux
https://www.edx.org/course/introduction-linux-linuxfoundationx-lfs101x-2

Computer Networks
https://www.coursera.org/course/comnetworks

Intro to computer science and programming Python:
https://www.edx.org/course/introduction-computer-science-mitx-6-00-1x-0

Web development -- Will help you when (and if) you go through web pentest route
https://www.udacity.com/course/cs253

Cryptography
https://www.coursera.org/course/crypto


Once you've covered all above topic, you are ready to enter into pure-hacking learning:

First free stuff:
http://www.reddit.com/r/HowToHack
http://www.breakthesecurity.com/p/hacking-tutorials-for-beginners.html
http://www.securitytube.net/

Following cost money but take you through each and every step of a pentest without distractions:

Hacking Exposed ed.7
http://www.amazon.com/Hacking-Exposed-Network-Security-Solutions/dp/0071780289

The Hacker Playbook
http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636

Very expansive but well worth it (Bonus: It's a certification):
http://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

You can't "Hack" something with python, python is great as a scripting language and can be used to automate some processes that would take rather a long time doing it by hand ie: "Fuzzing" and writing exploits. if you wanna start "hacking with python" you need to have more than basic knowledge and you need knowledge about what you're going to be using python on.
If the terms "Fuzzing" and exploit writing doesn't sound familiar to you then i suggest you go back and do some more research.
There's a great book on that topic though called Violent Python that should give you an idea of what you're dealing with.

I wouldn't recommend starting off with metasploit, what you want to do is learn the basics on linux, I would recommend this book: http://www.amazon.com/Introduction-Unix-Linux-John-Muster/dp/0072226951

After that, learn some info sec theories (boring, but important if you want to make a career out of it.)

these two books are what I used: http://www.amazon.com/Computer-Security-Fundamentals-William-Easttom/dp/0131711296

http://www.amazon.com/Information-Security-Principles-Mark-Merkow/dp/0131547291/ref=pd_sim_b_2

The first book is mostly intro to basic concepts such as port scanning, firewalls, networking, etc. the second is info sec theories

This would most likely be your next book to buy, its a little more advanced, and has some challenging content in it.

http://www.amazon.com/Analyzing-Computer-Security-Vulnerability-Countermeasure/dp/0132789469

Finally grab this bad boy http://www.amazon.com/Metasploit-The-Penetration-Testers-Guide/dp/159327288X

you should have some decent knowledge about network security by then.

"Hacking the art of exploitation" is a book by Jon Erikson

http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441

It is published by a company called No Starch Press.

They are an amazing publisher and certainly know how to throw a party too!

Went to their party at DEFCON last year and had a blast.

The best starting point for a n00b is this book: http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1342722167&sr=8-1&keywords=hacking

Invest in this book.

some parts are a little outdated but it is by far the best place to start.

I think you're mixing issues... Klisch will certainly let you install software or drivers if you need.

And antennas don't need drivers or software, it's the card that needs a driver.

I use an Alfa external card, and Amazon will recommend several antennas if you need more than that.

https://www.amazon.com/Alfa-802-11b-Wireless-Original-9dBi/dp/B001O9X9EU

I've also heard good stuff about TPLink external cards. https://www.amazon.com/TP-Link-N150-Wireless-Adapter-TL-WN722N/dp/B002SZEOLG

Web applications hacker hand book is the best book I've read on web application security. Goes very in depth in the types of exploits in web applications, how to exploit them, what to use, and how to prevent them. If you have atleast a basic understanding of programming and are willing to read and understand this book (~1000 pages) you'll get up to speed pretty quick.

Here's the book:
https://g.co/kgs/upO3q

Edit: Not as focused on web applications but in my opinion another top contender:
Hacking: The Art of Exploitation, 2nd Edition https://www.amazon.com/dp/1593271441/ref=cm_sw_r_cp_api_zuDpxbSFKDHB1

The Art of Deception: Controlling the Human Element of Security

What Every BODY is Saying: An Ex-FBI Agent’s Guide to Speed-Reading People

Manwatching: A Field Guide to Human Behavior

How to Win Friends & Influence People

Influence: The Psychology of Persuasion

Games People Play: The Basic Handbook of Transactional Analysis

The 48 Laws of Power

>Where to learn kali

Hacker playbook 2

>What to use it with

Your own virtual machines or desktop machines that YOU OWN. The book covers how to set up those machines

>how to not get the fbi to how up at my door

Don't do anything stupid.. Hack your own equipment from the safety of your own subnet, and you aren't doing anything illegal. Have fun!

No its not a stupid question. Most people like the K&R book, which is like the C bible. Link

I recommend checking this out, it has a ton of recommended C books for beginners and Intermediate.

Like BotLenny said, Kali Linux is a good place to start, look at getting a book like this

There's a post like this every few weeks. Here's a link that links to a lot of other good links.

From personal experience, I recommend:

The Basics to Hacking and Penetration Testing

and since a lot of hacking these days has to do with social engineering, this book:

The Art of Deception

One thing good to learn is social engineering, as its one of the most common threats faced by basically everyone. If you learn how malicious social engineers think (and how they combine knowledge with tech based hacking), you can defend against them better. I enjoyed Unmasking the Social Engineer.

Also, if you're not experienced with low level systems, you should read The Art of Exploitation.

Yes, yes there is.

TCP/IP Illustrated:

https://www.amazon.com/dp/0321336313/

I made the same mistake, I was sad.
But, I use this (Alfa AWUS051NH 500mW High Gain 802.11a/b/g/n high power Wireless USB A / B / G / N Wireless WiFi Network adapter With a 5dBi and 9dBi Rubber Antenna a https://www.amazon.com/dp/B003YH1X48/ref=cm_sw_r_cp_apap_15GnNzukOZKdU)
to wipe my tears away.
Works pretty well and if you want to grab stuff that's farther away you can get a stronger antenna

Probably the best one out there:
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441

Buy it, read it, understand it. Skip nothing, and suck it in!

Good? Now go to town on Blowfish at www.smashthestack.org

I have had great results with this card:
http://www.amazon.com/gp/product/B002SZEOLG

http://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
this book is definitely what you're looking for, it talks about EVERYTHING in web security.

This book is great

This youtube channel is also great.

And r/HowToHack

get a TP-LINK TL-WN722N. I've been using it for a while and am very happy with it.

An NEH is indespensible for 802.11-specific stuff, but to really get into hacking itself, take a look at Hacking: The Art of Exploitation and maybe pick up a practical pentesting book like http://www.amazon.com/Penetration-Testing-Hands--Introduction-Hacking/dp/1593275641/ref=sr_1_1?ie=UTF8&qid=1420380278&sr=8-1&keywords=penetration+testing or http://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1494932636/ref=sr_1_2?ie=UTF8&qid=1420380278&sr=8-2&keywords=penetration+testing

Yeah, sure. Here you go.

Learn sysadmin skills (linux sysadmin especially), learn to program in atleast one language can be anything: javascript or even python. Learn to hack web applications. Learn about infrastructure penetration testing. Have a look at hackerone.com and bugcrowd.com. Here are some guides to get your started:
Here is a copy paste of what I sent to another guy. Anyways here is my reading list: Check this too for practice: (List of vulnerable web applications that you can try on)https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project Try hackerone and bugcrowd too. Live sites you can hack. Some Stuff to read: https://forum.bugcrowd.com/t/common-assessment-tool-cheatsheets/502 https://forum.bugcrowd.com/t/researcher-resources-tutorials/370 https://ghostbin.com/paste/5o5zc https://www.reddit.com/r/netsec/comments/4k7y0q/video_of_hack_on_catalan_police_union/ http://0x27.me/HackBack/0x00.txt https://www.reddit.com/r/netsec/comments/3782hv/here_are_some_burp_suite_tutorials_for_you_guys/ Also read: 1. The Web Application Hacker's Handbook. (800 pages but just browser through it) 2. The Database Hackers's Handbook 3. Android Hacker's Handbook 4 . This book is good if you still very new: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641 Also read this: https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf and this: https://github.com/jhaddix/tbhm Also check my subbreddit: /r/netsec_reading http://www.slideshare.net/bugcrowd/how-do-i-shot-web-jason-haddix-at-defcon-23 Some more blackhat stuff: https://ghostbin.com/paste/5o5zc https://www.reddit.com/r/netsec/comments/4k7y0q/video_of_hack_on_catalan_police_union/ http://0x27.me/HackBack/0x00.txt https://www.reddit.com/r/netsec/comments/3782hv/here_are_some_burp_suite_tutorials_for_you_guys/

I enjoyed this: Social Engineering: The Art of Human Hacking.

I'm always advocating hak5.org for newbies on here. Though I'd also toss in this: http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1324017233&sr=8-1

One thing to remember as you're getting started: don't expect to become a 1337 hax0r in one tutorial or over a few days. It's going to take time, effort, and lots of reading.

You mean the seventh edition? Yeah, you're right. I read the fifth one (2005!), and I can tell some methods are now deprecated or have increasingly evolved. But I don't know about 2012... However, I was still able to learn a lot from it. And it taught me to find resources to keep learning, so, it definitely wasn't a waste of my time.

This is one of my security starter trifecta:

Hacking: The Art of Exploitation

Rtfm: Red Team Field Manual

Blue Team Handbook: Incident Response Edition

OK. If you can get to civilization, you might find this useful:
https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/

Start playing around with:
http://www.dvwa.co.uk/
http://sourceforge.net/projects/metasploitable/files/Metasploitable2/
https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project

Download some of these:
http://vulnhub.com/

Get yourself a copy of:
http://www.amazon.co.uk/gp/product/1118026470/ref=pd_lpo_sbs_dp_ss_1?pf_rd_p=569136327&pf_rd_s=lpo-top-stripe&pf_rd_t=201&pf_rd_i=0470170778&pf_rd_m=A3P5ROKL5A1OLE&pf_rd_r=0VDGSR97R5Y5N3SS6QTB

You don't need courses to learn

Two books on social engineering I can recommend:

Social Engineering: The Art of Human Hacking
http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539/ref=sr_1_1?ie=UTF8&qid=1333753273&sr=8-1

No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
http://www.amazon.com/No-Tech-Hacking-Engineering-Dumpster/dp/1597492159/ref=sr_1_4?ie=UTF8&qid=1333753273&sr=8-4

I was personally recommended by my mentor Hacking: The Art of Exploitation, and The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Also some companions sent me some readings on index articles. I'm not so sure of the titles, but just browse around.

http://slav0nic.org.ua/static/books/

http://hackbbs.org/article/book/

Check out the following books:

TCP/IP Illustrated, Volume 1: The Protocols: The Protocols v. 1 (Addison-Wesley Professional Computing) https://www.amazon.co.uk/dp/0321336313/ref=cm_sw_r_cp_api_i_HsfhDb3TC15DK

By Gary A. Donahue Network Warrior (2nd Edition) https://www.amazon.co.uk/dp/B00NBJPIV8/ref=cm_sw_r_cp_api_i_ltfhDbJCDDXG7

https://www.amazon.com/Alfa-Long-Range-Dual-Band-Wireless-External/dp/B00VEEBOPG/ref=mp_s_a_1_5?ie=UTF8&qid=1549756310&sr=8-5&pi=AC_SX236_SY340_QL65&keywords=alfa+awus036nha&dpPl=1&dpID=414MIvj0FGL&ref=plSrch

This one is great

This one worked for me:
https://www.amazon.com/TP-Link-N150-Wireless-Adapter-TL-WN722N/dp/B002SZEOLG

Books:
1.amazon.com/Rootkit-Arsenal-Escape-Evasion-Corners/dp/144962636X
2.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098
3.nostarch.com/rootkits
Blogs/Forums:
1.0x00sec.org/
2./r/rootkit
3.rootkitanalytics.com/
4.turbochaos.blogspot.co.uk/?m=1
5./r/malware
6./r/reverseengineering
7.r00tkit.me/

"The Art of Human Hacking" :
https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

PM me your paypal address - My shout.

http://www.amazon.com/gp/offer-listing/1597499579/ref=dp_olp_used?ie=UTF8&condition=used

Try Violent Python

Just tell him to go read the R.T.F.M. book

I may add the book.

Hacking: The Art of Exploitation

https://www.amazon.es/Hacking-2e-Exploitation-Jon-Erickson/dp/1593271441

Start here.

Learn C. Eventually Assembly. Buy this book too: http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1334790681&sr=8-1

https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441

Book:

Hacking: the art of exploitation

https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1491881386&sr=8-1&keywords=hacking+the+art+of+exploitation

Learn Python The Hard Way

Violent Python

https://www.amazon.com/dp/B00VEEBOPG/ref=cm_sw_r_cp_api_3IjNBbM0H5C3N

Stick it in a bag to hide it.

Bought this a little while ago https://www.amazon.com/dp/B003YH1X48/ref=cm_sw_r_awd_f9YFub1EAF39N works like a charm.. My only problem is the suction cup suck ass...