Starting my hacking journey, hopefully!

It’s been a while since I wrote here, hopefully I will be able to write more often and hopefully too I will be able to finally get into hacking properly.

Bosom buddies

I have been interested by InfoSec for many years. It mostly started a bit more than 10 years ago when I was reading a lot about pentesting : Kali was called BackTrack then, I played a lot with it and MetaSploit.. Read many books and spend some time playing with vulnerable machines.

I even found a few vulnerabilities in website (mainly by changing URLs and getting to resources I was not supposed to access). I never tried anything else without authorization, and I knew it was already “too much”. Anyways, I did a few, and reported them to site owners. I was lucky and they thanked me, fixed the issue, asked me to test again and that’s it. No money, no jail either.

Then, I got bored, I felt stuck at entry level of hacking and couldn’t get past that point. I couldn’t do sqli, I couldn’t write my own scripts, I could only use ready to use tools and modify a few URLs. I felt like a script kiddy, and I gave up.

It’s not you, it’s me!

I think I suck at things, even if I am now a Linux Sysadmin without any formal education; I can write some basic bash for my day 2 day homelab and job in order to automate things as much as possible.

Even though, I don’t think I am really better now than I was 10 years ago I think it is time to get over my stupid fears and finally begin this hacking’s journey.

Recently I have read a lot of stuff, again, about InfoSec, bug bounty scene and even pentesting. I will write more about what I found in another post. But one of the article or video (can’t remember exactly) that had the most impact on me was from @HakLuke. Great motivational speeches and articles, I am now back in the game and hopefully for long this time.

Back in business

This mean I will try to hack my way through HTB boxes WITHOUT Metasploit. The goal of this is to understand all nuts and bolts of hacking, and hopefully pass OSCP one day.

Now, don’t get me wrong, MetaSpoloit is awesome! Probably too awesome for me and for now : I need to learn, and in order to do so I have to understand all the steps, learn the hard way… Try harder like we often read in the “hacker’s community”.

I will share my journey on a dedicated category right here on Masoopy!