1. Learn TCP / IP, basic information
collection, proxies, cc socks, SSL, VPN, VPS, RDP,
FTP, POP3, SMTP, Telnet, SSH.
2. Learn Linux, Unix, Windows – You Can Do It
using vmware or any virtual office
3. Learn a programming language that is
compatible with all OS – Perl, Python, C, ASM
XSS, SQLI, RFI, LFI
5. Learn reverse engineering and crack
some programs for easy serial publications like
mirc, winzip, winrar or old games.
6. Code a fuzzer for common protocols – ftp,
pop3, 80, 8080 – Choose Free Software
as ftp server, mail server, apache or iis
web server or an all-in-one server pack,
or teamspeak, ventrilo, mumble.
7. Code a tool that uses grep to sort
unique code in source codes.
8. Create a custom IPsec IPtable firewall
blocks all incoming and outgoing traffic
traffic and add filters to accept certain ports
that your software or scripts use.
9. Choose a kernel under linux or unix, also choose a
The Microsoft OS version lets you say Winxp pro sp2
put them on virtual desktops (vmware)
and find and code a new local exploit in
these versions, then install an Apache
web server on Linux / Unix and IIS
web server on pro winxp and attempt to
find and encode a new local reverse_tcp_shell
10. Learn Cisco Router and Switch
configuration and configuration.
11. Learn the installation and configuration of the checkpoint
12. Learn Wifi scanning, cracking, sniffing.
13. Choose a person from your repertoire for
the area code in which you live or the city then ring the
nobody on an anonymous line like Skype or a
public phone or sim card and attempt to
social engineer person for name,
address, birth data, born city, country
born, ISP connected with, Telephone Company
connected with, Which bank he uses
and everything you can get. Then
Attempt to use an ID of identity theft
software with the phone number of the person –
call the ISP and try to reset the password to
his internet connection / web-mail, get
access the bank account or ask them to send
on a new *** at a new address (drop)
with a new pin, reset the telephone company
14. Use your information gathering skills for
get all information on a website as a
Shop then use the spoof caller-id software
or hack your phone to display a new number
of the technical support number of the Web server
Then ring the shop owner and try to get the
password of the merchant site.
15. Do the same thing but try to use a
web attack against a site or shop to win
16. Once got access to download a shell and
attempt to exploit the server to obtain the root
using a feat you did not code anybody else
17. Create your own Linux distribution
18. Use your own Linux distribution or use a
gnome vanilla Linux (not kde) keeps it with
not a lot of graphics, so you can learn to
depends on the terminal and starts from
scratch install applications you will only have
need a black box (security test box),
to make records for fuzzers, exploits,
scanners..etc Then, load them with your
own scripts and other tools (At this point
you should not need to depend on others
19. Learn the macosx and try to win
access to a Macosx box be it your
clean or someone else.
20. Create a secure home network and
secure your own systems with yours
Security policies and firewall settings.