would this be a good way to start web hacking?
(03-27-2020, 03:03 AM)MuddyBucket Wrote:
(03-26-2020, 09:42 PM)QMark Wrote: Also, MuddyBucket said that if I wanted to be a hacker I should spend several months on web development first.

Why do I get conflicted answers on this? The people at my school say what you say but the people on Reddit agree with MuddyBucket.

Do both answers work?

I'm pretty sure I probably said to be a *good* hacker, you should become a solid programmer - among other things.

There are plenty of shortcuts in life. I can easily teach you a bunch of hacks and tricks over the course of a few months that would make you look a lot like a hacker. And you'd fool a lot of people into thinking you were a hacker. But in my opinion, you wouldn't *really* be a hacker.

I'll try to use an analogy. I have a car. Over the years I've learned how to change my brake pads. change my spark plugs, change my air filter, change my battery,  change my oil, and a few other things Some of it I've self-taught. Some of it I've had friends show me. 

Am I an auto mechanic? If my car didn't start tomorrow, could I fix it? Maybe. If it was just a dead battery. Otherwise, probably not. I've only learned how to do specific tasks. I don't have a full understanding of all the components, and how they work together to make a car run. My ability to change spark plugs doesn't inherently mean I understand fuel to air ratios, etc for optimum fuel economy.

Likewise, I can teach you hacking tricks, much like i can teach you how to change a spark plug. If you do X action, under Y condition, you'll get Z result. However if you try X under A, B, or C condition - it won't necessarily work. If you understand whats happening under A, B, and C condition, you though, you may be able to adapt X action into something else that does work.

It comes down to there being an easy way, and a hard way. The easy way probably won't lead to jobs, opportunities, etc. And if you're looking to do illegal shit, the easy way is usually what lands you in jail. Cause you don't *really* understand what you're doing and you're more likely to be caught.

So why did Insider recommend the easy way? Why do people at my school on the cybersecurity team say "some networking and some linux basics and you can start." On the other hand, people that are a part of the alt.2600 hacking community say I need far more programming skills. So on one hand I even hear some professional hackers tell me to learn much more advanced programming in order to get good. But then when I contact the elearn security team they say "to take our web hacking course just know basic networking and linux and take our intro course first" and I think "well, but if I do that, how will I be as effective as someone who knows enough web development that they could have invented SQLi?"

Thanks for the answer by the way. I really appreciate it. I'm gonna spend several months learning web development while I work on Sec+ and CCNA over the summer. In fact, I am gonna be working on web development as of today and I already started again on code academy. I made a decision to do both: learn the programming and web development and get good at that, as well as learn the Linux and networking knowledge. I think its better to go overkill than underkill when it comes to learning, and as well as in life in general.

But right now I'm focused on computer networking and web dev and I'm aiming to practice a little more Linux skills maybe in Fall, while still learning web development. By that point, I think I am gonna end up learning some of my web penetration testing through the unlimited elearn security courses my school's cybersecurity club gave me access to. That is, if I'm ready by then. I think I probably will be ready though because I'm a fast learner when I put my mind to something.

I have just been very scattered about everything, but now I am more focused and persistent the past few months.

Messages In This Thread
RE: would this be a good way to start web hacking? - by QMark - 03-27-2020, 06:13 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Coldfusion hacking Insider 2 10,249 02-13-2021, 08:44 PM
Last Post: Insider
  Basics of website and server hacking Insider 0 7,763 03-26-2020, 09:34 PM
Last Post: Insider
  is my site secure from common hacking? mhiats37 1 7,111 05-11-2019, 03:03 AM
Last Post: misfit
  WebDAV Hacking [Detect & Exploit] Insider 1 21,433 04-24-2019, 09:03 PM
Last Post: thunder