General Thoughts

You are probably here because you want to learn hacking and you don't know where to start. You hope I can provide you with a clear guide to success. Unfortunately it's not that simple...

I believe the following quote holds true, so don't expect to become a skilled 1337 haxx0r right away:

anyone can master a skill with 10,000 hours of practice

The following video sounds click-bait, but it actually is not. It explains why it's impossible for me to provide you clear instructions, and it gives you an idea what hacking is actually about.

watch on YouTube

This second video is a recording from a talk I gave in 2017. For me CTF competitions have played a major role in getting where I am today.

watch on YouTube

I hope after watching these videos, you have a better idea about the long road you have ahead of you.

Don't worry, and be excited for the years of continuous learning

Recommendations

  • Practice programming - it doesn't matter what (website, game, mobile app, ...)
  • Don't pay for shitty "ethical hacking courses"
  • Watch my videos on YouTube, even if you don't quite understand them. You will develop an intuition for how stuff works and you can always revisit the topic later.
  • Play random CTFs from ctftime.org and afterwards study writeups of challenges you couldn't solve
  • Play wargames like overthewire, PicoCTF or exploit.education (+ my playlist on Protostar)
  • Get a Twitter account and start following people that share interesting stuff. A good start might be my following list.

Book Recommendations

  • I have not studied using any books, so I have nothing to recommend.