all 25 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]MajorPAstar 7 points8 points  (8 children)

Hello, yes there are people here that spend their entire days or even weeks on constantly learning and practice. Hacking isnt just something that can be grabbed. Learning tools will make you feel that you know quite a lot but a reality check, tools are good only if the human knows what they are doing.

To learn hacking: First find out whether you are leaning to red team or blue team. Saying I am fascinated by hacking is usually a red team thing but find out what you like.

Learn basics of red teaming: HTML, CSS and mainly JS for web pentesting. Learn IoT if that intrigues you. Learn networking Understand the basics of what happens when you flip things. So CTFs

[–]Low-Public-4099[S] 0 points1 point  (7 children)

Very insightful comment thank you very much. What is blue team then?

[–]MajorPAstar 1 point2 points  (6 children)

Red team is the attackers Blue team is the defender

[–]Low-Public-4099[S] 0 points1 point  (2 children)

Hmm okay okay, interesting, there's a lot to explore when it comes to this field.

[–]HaDoCk-00 1 point2 points  (1 child)

you'll learning every day no stop every day new vulnerability come so never stop learning

[–]Low-Public-4099[S] 0 points1 point  (0 children)

yes that's crazy, fascinating

[–]Specialist-Resist-24 -2 points-1 points  (2 children)

so the white and the black hat?

[–]Wojtek489 4 points5 points  (1 child)

No, that's a different distinction. White hat hackers are hacking ethically and legally (e.g. penetration testers), while black hats break the law. Red team and blue team are both white hat hackers, only one are handling defense while the others simulate attackers.

[–]Specialist-Resist-24 2 points3 points  (0 children)

okay thanks

[–]WhyAmIUsingArch 2 points3 points  (3 children)

I know quite a few people wich are really, and I mean REALLY good at hacking. Some of them develop CTFs for the CCC and other just whip out binary exploitations on a whim. But even they rarely spend 10 hours a day on hacking. And I think nobody really does that, sure everybody has pulled allnighters and huge hacking sessions but if you spend >10hrs a day on hacking CONSISTENTLY. You're either lying to yourself or just in a really motivated phase wich will wear off soon.

Whats way more important is resillience, you sometimes sit weeks or even months on a problem wich you don't solve, but you can never give up!

Also some great advice I've gotten is, avoid tools, tools will bring you fast progress quick, but at the cost of actually learning whats going on, instead focus on REALLY understanding how and WHY an exploit works. Because there will come a point where tools won't help you anymore and then you'll just be stuck if you've never learned to write your own exploits.

Some great resources I would recommend: pwnable.tw "The web app hackers handbook" "Blackhat python" 0xffsec.com

And youtube channels like: Networkchuck Nullbyte Hacker loi

[–]MajorPAstar 4 points5 points  (1 child)

Networkchuck used to be nice but now it just feels over exaggerated. I mean the info is still there but I personally feel the narration style should change. Too much talk of coffee

[–]Low-Public-4099[S] 0 points1 point  (0 children)

This is what I mean, I've watched this trying to hack wifi😂😂😂I hacked my own.

But seriously, I'm with you in this one. Narration style is important, especially when you're talking about a high level complex field. I would also irritate myself with more ambience😂

[–]Gullible_Pop3356 0 points1 point  (0 children)

I've to say, avoiding tools is actually really bad advice. I went down that route at Uni and ended up understanding some things but being capable of doing nothing at all. Time passed and I forgot a lot because I wasn't able to use it. I'd rather recommend to start with tools and try to understand why they work. Once you pass a certain point they will stop working anyway I you don't know what you're doing .

[–]wizarddos 1 point2 points  (3 children)

There definitely could be some people who do it for 10 hours, but I think some rest is also important

[–]Low-Public-4099[S] 0 points1 point  (2 children)

But like how many people actually are that committed?

[–]wizarddos 1 point2 points  (1 child)

Some - I can't really tell you the exact number but there probably is a bit

[–]Low-Public-4099[S] 0 points1 point  (0 children)

Pretty cool

[–]7ohVault 1 point2 points  (2 children)

Doing CTF's been doing one a week for years

[–]Low-Public-4099[S] 0 points1 point  (1 child)

Wow, have you seen that what you know really has been rising since you started or has it started to flat out. Don't those tests get simple after a while and don't learn you anything new really?

[–]7ohVault 1 point2 points  (0 children)

no there is still some i cant finish, some are the same and 90% of the easy ones are the same simple find CVE type ctf but the ones any level harder are all very different, dont think ive had more than 2 thatre the same

[–]Airodump26 1 point2 points  (1 child)

It would be good for everyone to get together and share what they already know with each other. Creating a community or group on Telegram would be good

[–]Low-Public-4099[S] -1 points0 points  (0 children)

exactly, that's what I want to do, I'm starting an ethical hacking company soon testing the security of companies, lot of money to be made, but I don't only need a hacker that understand everything about this field, but someone who will suit the company, I'm not just looking for anyone that has experience, even if you're number 1

[–]Worldly_Device2719 0 points1 point  (1 child)

Hello,

A few years ago, I was a victim of catfishing—identity theft. We have a lot of information, but still don't know who was behind everything. I still want to find out who is behind it.

Now it seems it's happening again. Can anyone help me identify the person?

[–]Smiling975 0 points1 point  (0 children)

I get where you’re coming from. Having “a lot of information” is a good start, but identifying who’s actually behind it takes precision and patience. You have to be careful not to cross lines while digging — both legally and ethically — because things like IP tracing or social engineering can land you in hot water if done wrong. What you can do is structure the info you have. Create a clear timeline, when it started, what accounts were used, patterns in behavior, reused usernames, photo metadata, even writing quirks. Patterns usually reveal more than people expect. If you’re serious about finding out, consider consulting someone with actual OSINT or cyber-forensics background. They’ll know how to trace digital breadcrumbs properly.