Ultimate beginners handbook of computer hacking essentials learn ethical hacking, penetration testing, and basic security

[ULTIMATE BEGINNER HANDBOOK TO COMPUTER HACKING ESSENTIALS: LEARN
ETHICAL HACKING, PENETRATION TESTING AND BASIC SECURITY: 50+ FREE
RESOURCES TO HELP YOU MASTER THE ART OF HACKING]

BY
[NEIL W. CARSON]


What is a Hacker?
Originally Hackers Were Not Computer Based
So What Is a Hacker Now
Why are hackers important?
Differences: Black, White, Grey, and Red Hacker?
Black Hat Hacker: Bad Guy
White Hat Hacker: Good Guy
Grey Hat Hacker: The “I do it for fun” guy
Red Hat Hacker: The “I do it for legal money” guy
Neophyte: The Noob
Definition and Importance: Ethical Hacker
Guidelines of an Ethical Hacker
Importance of an Ethical Hacker
The Tools: Ethical Hacker
Why Un-Ethical Hackers?
What’s the Difference?
Some People Just like to watch it Burn
Another Get-Rich Quick Scheme
The Tools: Un-Ethical Hacker
Beware the DEEP WEB (and ironically made by the Navy)
Developed by the Navy
How it works
Browser Beware
They are Watching
Preventive Security and Reactive Security
Preventive Security
What do we Detect? A lot. When do we Detect it? All the time.
Reactive Security
SSH, HTTPS, HTTP, SSL and FTP: Web Safety
SSH and FTP are Server Side Transfer, While HTTP and HTTPS are Web Side Transfer
How Blindingly Simple: Hack Your Windows Password
How to Hack Someone Else on Your Group Network
A Blunt Guide: Become an Ethical Hacker



WHAT IS A HACKER?
ORIGINALLY HACKERS WERE NOT COMPUTER BASED

Hacker literally means to break to your benefit, which means that when you use
something in a manner in which it was not originally intended to be used, you have become a
hacker. Originally, when you decided to optimize or make something better by taking it
apart and then putting it back together in a more efficient way, sometimes even adding
something to make it better, this in and of itself was what it meant to be a hacker. If you
took a toaster and changed the quality of the heating coils so that it would take less
power but cook faster, you were a hardware hacker. If you chose to wake up early every
morning and brushed your teeth while you took a shower, you were a life hacker. If you
decided to make a method that allowed you to do work faster, you were an efficiency
hacker. You could have literally been a hacker for anything you decided to improve.



SO WHAT IS A HACKER NOW

Hackers are now often associated with computers, and while terms like Life Hacker, which
directly describes an action, are still popular terminology, the general meaning of a
hacker is tied to computers. A hacker is a person who programs, navigates, or
develops a method that allows them access into an area that they are not normally
allowed to access. This means that a person who can “view source” and
then read the language the website is developed in, so that they can manually remove the
code that pops up those annoying advertisements, is a hacker.


WHY ARE HACKERS IMPORTANT?

Hackers make the world go around in the cyber world and are the main cause for
improvements in technology in general. Whenever a person is able to gain access they
are not supposed to have, the person who runs security must come up with
a new and improved way to protect the company. The same goes for the advertisement
and media industry, because people are blocking advertisements and downloading
media all of the time. It is so simple to download a YouTube video that the music
industry focuses heavily on live events for money instead of the actual music album
itself. Artists have to put intricate watermarks on their photos in order to ensure that
hackers do not simply download the pictures from the source and sell them. If it
were not for hackers, the development of technology would be a lot slower and the
world would not benefit.
After all, it’s not just security that hackers improve, but technology itself. We will discuss
how they do it later, but hackers can download information in mid-process if it is not
fast enough and is unsecured. This has led to the development of methods that let web
browsers provide their users a fast and direct connection, which not only makes things
difficult for hackers but also makes the internet faster for its consumers. Not all
technology improvements can be credited to these hackers, but a good portion of good
practices can be, and that’s why, as much of a problem as hackers are, they are actually
beneficial to the internet.



DIFFERENCES: BLACK, WHITE, GREY, AND RED HACKER?

There are several types of hackers in the world and they all have reasons for why they
hack the way they do. We will put these in chronological order, from when they
were first coined to the final color of the Hat Hacker family. The reason why they are
given a color is to help people identify which hackers are good and which hackers are
bad, and, just like in the world, not everyone is strictly good or bad. The “Hat Hacker”
part refers to an old style of changing identity in theatres, which was simply to put on a
different hat, and this let the audience know that you were in a different character.
BLACK HAT HACKER: BAD GUY

A black hat hacker is a literal cyber bad person who only wants to make as much trouble
as possible just because they can. These hackers normally do this for egotistical reasons
and usually only show themselves where a new security system has come out and
these individuals feel challenged. While they are the “classical bad guy,” they do have
their benefits for existing. Without Black Hat Hackers, there would be no need for all of
the other hackers to exist, or security for that matter, and they are actually the reason
why jobs are generated for Ethical Hackers.
WHITE HAT HACKER: GOOD GUY

Just because they are a White Hat Hacker does not mean they are an Ethical Hacker. A
White Hat Hacker only hacks when they feel like they need to, but strictly goes out of their
way to make sure that they do not hurt anyone in the process. This type of hacker is
generally associated with the individuals who provide personalized bug fixes for
software and generally try to improve upon software issues that the company seems to
be ignoring. You can usually find them on forums, helping people solve issues with their
code and just being the good guy for the general public. They don’t do anything for
profit, they do it because they feel that it is needed, and they are almost always happy to
help out someone they don’t even know to help improve that person’s life.


GREY HAT HACKER: THE “I DO IT FOR FUN” GUY

The Grey Hat Hacker is usually the person who hacks video games and tests their skills
against varying levels of security because they find it fun. These hackers are
problematic because they don’t often care whether they harm someone, but they also
don’t really even think about whether they are hurting someone or not. This is similar to
a person who wants to hack into a credit card company because they feel like it would
be an interesting adventure.


RED HAT HACKER: THE “I DO IT FOR LEGAL MONEY” GUY

Red Hat Hackers are usually a mix of Ethical and Un-Ethical Hackers. The reason why
they are called Red Hat Hackers comes from the term “Red Tape.” That is right,
Red Hat Hackers are usually on the level of hacking government institutions,
information hubs, and generally anything that falls underneath the category of sensitive
information. The FBI and CIA hold a list of the world’s Red Hat Hackers to keep track
of what they do, where they go, and what jobs they are working on as a preventative
measure against being hacked themselves. A really big example of this is when the
groups Anonymous and LulzSec managed to hack the CIA and cause a lot of issues,
not only for its employees, but also for the security companies that place their trust in the
CIA.
NEOPHYTE: THE NOOB

A Neophyte is literally a “New Convert,” which is to say a person who is
new to the hacking world. The term came about among hackers to represent the fact that
being a hacker is similar to a religious practice.



DEFINITION AND IMPORTANCE: ETHICAL HACKER

An Ethical Hacker only hacks to prevent others from being able to do things that are
morally improper to users of the technology. That is essentially their purpose, but they
have to follow specific guidelines that normal hackers do not have to follow.
GUIDELINES OF AN ETHICAL HACKER

An Ethical Hacker has to do a couple of things that a normal hacker does not have to do
in order to fulfill their purpose.
THEY MUST RECORD EVERYTHING

Ethical Hackers must record their screen, their keyboard, their mouse, their emotions,
and even their heart rate and sometimes their brain waves. All of this information is
used to determine the strength of the security and what it will be like for the person on
the other end of the screen that is doing the hacking.


HACK VS. HACK

Oftentimes, Ethical Hackers must go against each other to determine what a real-time
scenario would be like in the case that a hacker is capable of getting far enough that
the security person must be able to protect the information by hand. This is
done so that the programmers can develop scripts to specifically protect against these
types of attacks so that the protection is faster than the hands of a hacker.
HACK FROM MORE THAN ONE DEVICE

Today, hackers can get in from multiple directions. You can hack into the mobile
network and jump from the mobile network to go into the main network. You can hack
into a person’s email and gain access from the email service. You can hack a person’s
phone SIM card and place a key logger for access from a remote location. There are
multiple ways to hack into a network and an Ethical Hacker must be aware of all the
different ways a network can be hacked into.


HACK PEOPLE

Another part of the process of an Ethical Hacker is to determine the social weaknesses
of an industry and how easy it can be for a person to be the source of the problem. This
may involve having lunch with a person and pickpocketing their phone while they’re not
looking, or determining whether that individual spends a lot of time surfing the internet
while they are on break. Additionally, they determine how easy it is for an individual to
break the NDA that nearly everyone signs in the beginning and whether a person could
get enough information from an individual to do actual damage to the business. There
are specific key parts an Ethical Hacker must look out for in the social network that is
behind the physical network.
IMPORTANCE OF AN ETHICAL HACKER

The importance of an Ethical Hacker cannot be stressed enough, as they serve as both a
security analyst and a technological analyst. They prevent security risks from people,
networks, and other third-party players to ensure that there is a very small chance that a
hacker is capable of getting into the network.



THE TOOLS: ETHICAL HACKER

The tools of the Ethical Hacker often reflect the capabilities of the Ethical Hacker. As
mentioned before, an Ethical Hacker must be able to have a lot of data in order to
ensure that they have a round-about understanding of what security issues they must be
dealing with.
TRACKING DATA PROGRAMS

There are several programs that track data submission and methods, and these allow
Ethical Hackers to determine the origin of a hacker, where they came in, and even how
they got in. Such programs will track IP addresses, Data Packages, MAC Address
Origins, and even determine the speed at which the information was passed to collect
data on the speed of the internet that is being used. This allows the Ethical Hacker to
cover up those areas with additional security and also allows them to ensure that scripts
that they make to prevent entry are faster than the most likely speed of internet the other
hacker will be using.
LANGUAGE SPECIFICITY

Another large problem in and of itself is the ability to write the language that the security
issues are taking place in. If an Ethical Hacker has been hired to protect a specific
program and not just the computers, odds are that the Ethical Hacker will need to
know the language of the program so that they can write their own scripts
in that same language and put their preventative protections into place. A part
of this issue is the actual holes within a language. If a hacker knows what language is
being used, not only can the program be at risk, but the actual code of the program can
be altered. An example of this is a PHP based website, which is vulnerable to the
classic GET, DELETE, and POST methods, which are a part of the language. Unless
there are specific measures put into place, the hacker on the other end will have a very
easy time simply going into a comment box and pulling all of the data from a website
onto their hard drive.
HIDDEN CAMERAS

As mentioned before, an Ethical Hacker also has to look at the people behind the
physical network to determine whether they will be a problem or not. The hidden
cameras are for when the Ethical Hacker needs to do a Risk Assessment on the person
within the video and determine which factors led to a specific success, or which
questions, when asked in the right order, would pull out the most information.
Additionally, video recordings can be used by the Human Resources Department to
determine if the employee is in a stressed state and needs to be taken care of in terms of
their working conditions. Ethical Hackers are often mindful that a person’s weaknesses
are not their own fault and that an average employee is not expected to be one hundred
percent foolproof. Even the janitor may look up something on his phone while being
connected to the internet at work and has no idea that someone took his phone, and
modified it, while he was on his lunch break. This process is done often to ensure that
people are mindful of what they do and how their actions can affect the business.
FORENSIC ANALYST PROGRAMS

There is a fine line between a Forensic Analyst and an Ethical Hacker because most of
what they do is extremely similar. Therefore, what will usually benefit a Forensic
Analyst will often benefit an Ethical Hacker, and vice versa. These programs will keep
log files of occurrences throughout the day on a network, track unauthorized uses,
pinpoint origin points for viruses, and are generally helpful in every step of the process.
The only problem is that not everything a Forensic Analyst can use can also be used by
an Ethical Hacker. A Forensic Analyst can go into personal emails and sensitive
material that Ethical Hackers are told not to touch, and, in some areas, Ethical Hackers
are even told not to touch specific areas of the network because the information on that
side is too sensitive for an individual to have their hands on. However, the benefit to
this is that that section of the network is usually closed off from the rest of the network
as much as possible and often requires little to no effort when it comes to providing a
solution. Since the network remains untouched, Ethical Hackers only have to track
incoming and outgoing data from that network.
SCRIPTING EFFICIENCY

Another part that has been mentioned is scripts. Scripts are simple sets of code that
automatically perform preventative security actions faster than a normal human to ensure
they shut down the attack as fast as possible. These are written in a similar language to
the actual program that naturally protects the computer, and some Ethical Hackers end up
with so many scripts that they make an entirely different security program to handle them
all. This allows them to keep track of all the different scripts, determine if the scripts
need to be faster, and find out when the scripts are conflicting with each other. These
scripts are a vital part of the protection program, as a script will always be faster than
the human hand, so anything that can be written in the form of a script will be ten times
better than if the Ethical Hacker had to do it by hand.
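
To make the idea of a preventative script concrete, here is an added example (not code from the book) that reads log lines, tracks failed logins per source IP address in a sliding time window, and produces a block list for review. The log lines are constructed in the style of an sshd log, and the function names, threshold, window and output format are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of an sshd auth log (not real data).
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2024-05-01T09:00:01 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
2024-05-01T09:00:03 sshd[811]: Failed password for admin from 203.0.113.7 port 50124 ssh2
2024-05-01T09:00:04 sshd[812]: Accepted password for alice from 198.51.100.20 port 40100 ssh2
2024-05-01T09:00:06 sshd[811]: Failed password for invalid user test from 203.0.113.7 port 50130 ssh2
2024-05-01T09:00:09 sshd[811]: Failed password for root from 203.0.113.7 port 50133 ssh2
2024-05-01T09:05:00 sshd[815]: Failed password for bob from 198.51.100.20 port 40111 ssh2
2024-05-01T09:20:00 sshd[815]: Failed password for bob from 198.51.100.20 port 40119 ssh2
2024-05-01T09:40:00 sshd[815]: Failed password for bob from 198.51.100.20 port 40125 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

def find_offenders(log_text, max_failures=4, window=timedelta(seconds=60)):
    """Return [(ip, time_threshold_reached, users_tried)] for every source
    address that reaches max_failures failed logins inside one window."""
    recent = defaultdict(deque)   # ip -> deque of (timestamp, user)
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:                 # successful logins and other lines are ignored
            continue
        ts = datetime.fromisoformat(m["ts"])
        ip = m["ip"]
        q = recent[ip]
        q.append((ts, m["user"]))
        while ts - q[0][0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures and ip not in flagged:
            flagged[ip] = (ts, sorted({u for _, u in q}))
    return [(ip, ts, users) for ip, (ts, users) in flagged.items()]

def block_rules(offenders):
    """Render offenders as reviewable block entries (hypothetical plain-text
    format; nothing is applied to a firewall here)."""
    return [f"block {ip}  # since {ts.isoformat()} users={','.join(users)}"
            for ip, ts, users in offenders]

if __name__ == "__main__":
    for rule in block_rules(find_offenders(SAMPLE_LOG)):
        print(rule)
```

The address with three failures spread over 35 minutes is not flagged, which is the difference between a windowed count and a simple total: occasional mistyped passwords do not get a legitimate user blocked.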
DRIVER DOCUMENTATION

One of the pet peeves of the entire industry is Driver Documentation, and there’s a very
good reason. Your computer has hundreds, if not thousands, of drivers that are needed in
order to make the computer work effectively. A driver is binary-level software that
allows the computer to communicate with either the hardware or the software.
Documentation of those drivers tells security specialists and Ethical Hackers what
needs to be done to protect the end user from the security holes that those drivers have.
If there isn’t enough documentation, or it is not in a proper form, the security
specialist or Ethical Hacker has to run close to a thousand tests to see all the potential
holes that the driver allows for the hackers of the world to get in through.



WHY UN-ETHICAL HACKERS?

An Un-Ethical Hacker is very similar to a Black Hat Hacker and is often associated
with one, but there are specific parts that make them different. Not all Un-Ethical
Hackers are bad, which may seem strange at first, but these hackers are equally as
important as Ethical Hackers.
WHAT’S THE DIFFERENCE?

Un-Ethical Hackers are like the Hulk version of Ethical Hackers and will relentlessly
attack a network to find problems. They will often use tactics that are against the law,
such as kidnapping and blackmail, to accomplish their goals. The only problem is that
Un-Ethical Hackers sell the information to the highest bidder and only do it because it is
profitable. These hackers will often multi-hack systems as well, just to get the network
to the point where they can move past the preventative steps that an Ethical Hacker put
into place.
SOME PEOPLE JUST LIKE TO WATCH IT BURN

It’s plain and simple, for the most part. Un-Ethical Hackers often see a big business like
a giant juicy steak that needs to be cooked. If a company claims it has the best security
in the world, you can be sure that an Un-Ethical Hacker has already started to break that
security. People have a tendency to go after the things that will provide them the most
challenge and thrill, and this is the biggest way any hacker can truly determine what they
are capable of. Not only do these hackers have to get past the system, but also they will
often have to cyber fight with another hacker or a team of hackers in a cyber-gladiator
type match. It requires an intense amount of skill to do this and Un-Ethical hackers are
sought out by security businesses like trophies for hunters.
ANOTHER GET-RICH QUICK SCHEME

These Red Hat Hackers will often sell the information they steal or the tactics they used
to break a network to the highest bidder. The prices go extremely high, with some
hackers being millionaires after performing just one hack. To put it into some basic math,
let’s say that each Facebook user’s information is worth just $0.50. More than a
billion people use Facebook, so that’s half a billion dollars for that one hack. However,
Facebook is extremely large and has a dedicated security team to ensure that hacking
Facebook is near impossible. However, as the Tunisians proved, hacking giant
powerful companies like Facebook is not an impossibility and poses a serious threat to
the online world.
However, the process is often illegal and once the hacker manages to sell the
information, they will be put on the list and watched until the day they die. Often times,
any type of money they got from the deal will go to just making sure the company can’t
get their hands on them and that they live in a place that shields them from the
government that they ran away from.

