Well, hello there! Zokomon here. Hope youâre having a great day. Today we will discuss Black Hat Hacking Explained: Techniques, Risks, and How Itâs Done.
As discussed in my last blog (DeepSeek Chinese Propaganda tool), I shared how I started my bug bounty career. But I also mentioned that before bug bounty hunting, I learned only Black Hat hackingâthings like DDoS attacks and WiFi hacking. Letâs just say those activities are more likely to earn you a ticket to the nearest police station than a paycheck! đ
How It All Started
Back in my school days, I was fascinated by movies with hacking scenes and shows like Mr. Robot. Watching those, I decided on my dream career: Hacking.
But when I turned to Google for guidance, all I found were certification programs requiring moneyâmoney that I as a student, simply didnât have. đ˘
So, what did I do? I turned to the internet, the free school of the digital world. All you need is the right mindset and a targeted search approach.
Dissecting Topics for Learning
If youâre starting out, hereâs a tip: instead of searching broad terms like âHow to do Black Hat hacking,â break it down into smaller topics. For example:
i)âHow to hack WiFiâ
ii)âWhat is a phishing attack?âThis approach makes it easier to learn specific techniques without getting overwhelmed. You can learn more about it in advance here.
How I Learned Black Hat Hacking
I started by setting up a safe environment for practice using Kali Linux installed on VirtualBox. Itâs as simple as installing a game from the Play Store. Seriously, itâs that easy! đ
Once my setup was ready, I explored and practiced techniques like:
1) WiFi Hacking
I practiced on platforms like TryHackMe and, importantly, only on my own WiFi networks (because hacking someone elseâs WiFi without permission is illegal).
While learning, I discovered key terms like WPS, WPA, WPA2, handshakes, and tools like Aircrack-ng.
Quick Tip:
WPA2 WiFi networks canât be hacked directly. You need to:
i) Capture the handshake by deauthenticating connected users.
ii) Wait for them to reconnect, capturing the handshake again.
iii)Decrypt the handshake, which contains the password hash.If the password is strong, decrypting the hash becomes nearly impossible. In such cases, techniques like Evil Twin (creating a rogue access point) or phishing can trick users into revealing their password. You can learn about it in advance here.
2) Phishing
Phishing is one of the most common and effective techniques in Black Hat hacking. It involves creating fake but convincing replicas of legitimate websites to trick users into entering their credentials.
Hereâs a Beginnerâs Guide to Phishing:
i) Understand phishing basics: Learn to create replicas of login pages that look identical to real ones.
ii)Manipulate URLs: You wonât get a legit URL like https://example.com. Instead, use something like https://exampleisame.com and disguise it as much as possible.
iii)Tools to start with: Try tools like GoPhish or LocPhish to understand the process.This is intermediate-level stuff. To go deeper, youâll need to build on these basics with additional research and practice. You can learn about it in advance here.
3) Ethical Hacker GPT
Hereâs something new Iâve started recently thatâs a game-changer for learning ethical hacking: using AI tools like ChatGPT.
How to Use GPT for Ethical Hacking:
i) Create an account on OpenAI.
ii) Explore GPTs by clicking the left-hand menu and searching for terms like âEthical Hacker GPTâ.
iii) Start asking questions like:
âI am testing an Apache server for vulnerabilities. How does CVE-2024-40898 work, and what are the prerequisites for testing it? Can you generate a Python script for testing this CVE?â
Always phrase your questions responsibly. If the AI thinks youâre trying to do something malicious, it wonât provide useful information. You can access the tool once you have created an account on OpenAi(Chat GPT) link for the tool.
A Word of Caution
Remember: With great power comes great responsibility. Use these skills in a safe lab environment and always respect othersâ property and privacy. Never test anything without explicit permission, and always understand the potential impact of your actions.
Conclusion
Thatâs a glimpse into how I learned Black Hat hacking. While this is part of my past, Iâve since transitioned to ethical hacking and bug bounty hunting. In my next blog, Iâll share more tools, techniques, and tips to help you build your skills responsibly.
Stay tuned, keep learning, and always use your skills for good! đ
