Getting started into Ethical Hacking, Bug Bounty:
In recent days people are more concern about securing their own system as they knew how important their data is. So many youngsters are attracted towards cyber security. So let’s start how to get started into cybersecurity/Ethical Hacking, Bug Bounty. This may not be the universal method but this is the step that I took to be an ethical hacker.
Step1: Learn Programming
Step 2: Learn Networking
Step 3: Learn System Administration
Step 4: Learn Hacking
Learn Programming:
I would recommend people to learn basic of as much as programming as possible. This is because you may encounter any programming language while working in the field. If you have strong foundation of programming language then you can find flaws in the designed application. You don’t need to be master in all programming language because there are a lot of programming language and learning each and every programming language is not possible. I would suggest to select some major programming language and learn it. It is okay if you don’t know to develop an application from that knowledge but you should be capable to understand others code.
Learn Networking:
It is very important that in-order to abuse the network services, first you need to understand how the network is working. If you know how the data is formatted, transmitted, routed on each layer then you can easily pass the payload in such a way that you might bypass the protection. Let’s explain this concept with an example. Suppose that there is a web server running on port 80 and 443 and it has best packet filtering firewall and application gateway firewall then if you know the networking then you can easily say that the protection mechanism can be abused by performing application layer attack as the above-mentioned firewall cannot monitor application related data and the above web server can be attacked using application layer specific attack.
Learn System Administration:
Suppose that you have managed to bypass the filter and got access to the system, if you have idea of system administration then you can know the different available services that can be abused to further exploit the system. Suppose that there is a chron job (The job that keeps on running on certain time and condition is satisfied) is running in the system then if you managed to run your custom payload then you can own the system. Not only that, if you know the system then you can easily know where to search for required information. Not only that if you want to exploit the behavior of the system then first you need to understand the system. Suppose if you gained access to the system as a normal user then if you know the privilege escalation technique then you can be a superuser or a system admin then you can easily make the system to do the task that you want it to perform.
Learn Hacking:
The final step is to learn the all the required tools, techniques and methodologies of the hacking. There are different fields in hacking, you can choose you field and start learning it from basics to advance along with the appropriate theory and labs. As you know that if you have good understanding of the theory and practical then your chances of being successful will be high.
Here in the above-mentioned steps, I have not covered for the specific hacking field, these steps are for all general hacking. If you follow the steps, then your chances of being success will be very much high. At last, I want to say that you need to keep a good note in each step as it is as important as learning new things.