PHNinjaWangya
Grasshopper
Hindi ka makaka-häçk nang maayos kung kulang sa fundamentals.
Aralin:
- Networking
- IP address, subnet, DNS, ports
- TCP/UDP
- Operating Systems
- Linux (important!)
- Windows basics
- Programming (kahit isa muna)
- Python (recommended)
- Bash scripting
Start commands:ip a<br>ping google.com<br>netstat -tulnp<br>
Dito ka magwo-work as ethical häçker.Practice:
- File system:
- Install tools:
- Permissions:
Goal: maging comfortable ka sa terminal
Ito ang simula ng häçking: reconnaissance.Tools:
- Nmap
- Wireshark
- Netdiscover
Matutunan:- Paano makita ang open ports
- Paano identify services
Hanapin kung saan mahina ang system.Tools:
- Nikto
- OpenVAS / Greenbone
Goal:- Hanapin ang butas (vulnerabilities)
Dito mo ginagamit ang natutunan mo.msfconsole<br>search exploit<br>use exploit/...<br>set RHOSTS target_ip<br>run<br>
Pero:- Always sa lab lang muna
Understand authentication weaknesses.Tools:
- Hydra
- John the Ripper
Pinaka in-demand skill ngayon.Aralin:
- SQL Injection
- XSS
- File upload vulnerabilities
Tools:
- Burp Suite
- OWASP ZAP
WiFi testing (legal lab only)Tools:
- Aircrack-ng
- Airodump-ng
Dito ka gagaling:- TryhäçkMe (best for beginners)
- häçk The Box
- PortSwigger Web Security Academy
Daily practice > theory
- eJPT (beginner)
- CEH
- OSCP (advanced)
Ito ang pinaka-importante.
Pwede:- Sarili mong system
- Lab environment
- Bug bounty programs
Bawal:- Mang-häçk ng ibang tao/system without permission
Pwede kang maging:- Penetration Tester
- Bug Bounty Hunter
- Security Analyst
- Red Teamer
- 1 hour theory
- 2 hours hands-on (Kali Linux / TryhäçkMe)
- 1 tool per week
Linux → Networking → Scanning → Exploitation → Web Security → Advanced häçking<br>
Real Talk
Walang shortcut dito:- Hindi sapat ang tools lang
- Kailangan ng practice + patience
- Kahit pro häçkers, nag-aaral pa rin