Step 5: Practice, Practice, Practice

Ok, lets review, we know our basics. We know how to use a computer, we know how to write code, we know what unix systems like Linux are, and we know how to use Unix tools like those provided in Kali.

Wait, I still can’t get into my friends Facebook account, what are we really learning anyways? Well giant corporations like Google or Facebook are hard to hack, especially for people new to hacking like us. Not to mention it’s usually illegal to try to hack a company without permission.

So in the meantime, use the VMs we set up in step 3 to practice known vulnerabilities and learn basic hacking methods! Now, OWASP’s BWA isn’t something we fully understand; but the developers who wrote it also provided some awesome documentation! To become a hacker you need to explore how to gain information for yourselves. Here’s some links to get you started with OWASPs BWA.

Resources:
https://code.google.com/p/owaspbwa/wiki/UserGuide#Training_Applications
https://www.owasp.org/index.php/Category:Attack
https://www.owasp.org/index.php/Category:Vulnerability
https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series

• owasp