How Hackers Legally Earn Money From Home

Keyword here is legally because what good is a million dollars if you’re in jail right? So keep reading if you want to know how hackers escape the 9-5 wageslave system that is making everyone suicidally depressed.

Penetration Testing. I figured I’d start off with an obvious one. The most obvious way that hackers are making money from home. Companies and even small websites are paranoid that they’ll be the next headline database breach on the news and so they’re willing to pay big bucks to make sure that doesn’t happen and so if you can earn the qualifications necessary to start freelancing you can potentially be earning a comfortable salary from home by pentesting.

Writing. here is one you probably didn’t think of. Hackers often get paid to write articles for technical companies. Often times they’ll even get paid to contribute to blogs like this one!

Coding. This is another obvious one. You’re not a real hacker unless you can code. So why not make money off of that skill. Freelance programmers and web developers are in high demand these days so job availability won’t be a big issue as long as you can market yourself. Knowing some coding languages can pay better than others though.

Helping Companies prevent theft. You might think I already covered this one with Penetration Testing. However, most if not all hackers have a thorough background or understanding of IT. Hackers can get paid by companies to place security measures like web application firewalls, antiviruses, encryption protocols and network firewalls. Knowing IT and network configuration pays off.

Best Resources to get Started Hacking as a Beginner

So In the future I will do an all encompassing tutorial on what you should do in order to get started with hacking. But In this article I’m going to give you a list of great resources that helped me get from beginner to intermediate (at which point you should have a pretty clear idea of what you need to do).

  1. Codecademy
  2. Cybrary
  3. Hacksplaining

Thats it…..                                                                                                                                  Well sort of. That’s all you need to get started with  the basics. First I’d recommend learning HTML, CSS, Javascript, Python and command line basics on codecademy. That won’t take you long at all. Once you’ve done that, head over to cybrary and take a look at some of their courses. At minimum you’ll want to find a course that will take you over the basics of how networking works. The most comprehensive free overview of networking would probably be the Networking+ course. Then you could take a look at their Linux+ course. Both of these courses will supposedly prepare you for the comptia certifications which is something to look into if you’re interested in a career in IT. The next thing you’ll want to do is head over to Hacksplaining and go through all their vulnerability overviews. They only cover web vulnerabilities but It’ll be a decent foundation for you as a newbie hacker. Understanding the OWASP top 10 vulnerabilities is an absolute must these days in my opinion.

Bonus!

  1. Metasploit Unleashed
  2. VulnHub

By this point you’re somewhat of an intermediate. You’ve got the basics of a few coding languages, you’ve got an understanding of Linux, networking and you have an idea of what a vulnerability is. Metasploit unleashed will teach you how to actually use vulnerabilities to compromise a system. This is where the real hacking begins. On top of that you’ll learn one of the quintessential industry standard hacking tools Metasploit. After you’ve completed metasploit unleashed go check out VulnHub for some vulnerable VMs that you can practice your skills on. Start with the tried and true ones like Mr. Robot and Kioptrix so you can follow along the write ups (tutorials) until you gain a thorough understanding.

And did I mention that all these resources are FREE? yep. You don’t have to spend a dime to become a master hacker. Don’t listen to anyone who tells you that you do.

And after doing all that you’ll be a pro. except not really.

Top 10 Most Infamous Hackers

Kevin Mitnick a famous white hat hacker is now a professional security consultant and entrepreneur. His among his exploits are the Pentagon, Nokia, and Motorola. He eventually got convicted and served 5 years in prison. Once he got out he became the rich security consultant we know today. Does crime pay? Perhaps if your reputation precedes you.

Gary Mckinnon hacked into 97 U.S. Military and NASA computers during 2001 and 2002. He was looking for information on UFOs and evidence of a conspiracy that the US government was hiding technologies that could solve the energy crisis. He also shut down 1000 government computers and somehow rendered 300 of the inoperable causing up to $700,000 in damages. Eventually he got caught but he dodged charges because he was Scottish and they denied his extradition.

Jonathan James AKA c0mrade started hacking as a kid and was the first minor to be arrested and sent to prison at the age of 16. He hacked into the Defense Threat Reduction Agency and NASA. He downloaded source code used for the International Space Station. He committed suicide in 2008 because he was afraid he was going to be wrongfully imprisoned for several attacks on corporate networks that he was under suspicion for.

Adrian Lamo would often hack into media sources and change details on the website. He would then notify the owners of the press source and help them fix their security. However when he hacked into the New York Times he got arrested. Though later on in life he eventually ended up helping out law enforcement by turning Chelsea Manning for being a source to WikiLeaks which he now deeply regrets. Fun fact about Adrian Lamo: He had Asperger syndrome.

Ryan Collins was the hacker (or social engineer rather) behind “the fappening” a hilarious exploit where Collins used the standard email phishing attack to gain access to celebrity iCloud accounts where he was then able to obtain a whole bunch of their photos. Many of said photos happened to be sensitive. In fact, they were nude photos of several famous celebrities including Jennifer Lawrence, Kate Upton, and Kirstin Dunst. Several celebrities chose to deny authenticity of the leaks including Ariana Grande.

Albert Gonzalez installed a sniffer in various corporate networks and was able to steal millions of users credit cards and ATM details. Apparently he sold about 170 million pieces of sensitive data resulting in one of the largest cases of identity theft ever.

Astra is said to be a 58 year old greek mathematician who hacked into a french corporation called Dassault Group and he sold sensitive weapons information to various companies over a period of five years. When authorities caught him in 2008 they never revealed his information but just said that he was a 58 year old greek mathematician. It just goes to show how versatile a degree in mathematics really is.

Kevin Poulsen stole wiretap info from the FBI, hacked a radio stations phone lines in order to win a Porsche, helped law enforcement catch 744 sex predators over MySpace and is now a senior editor for Wired. How does your resume compare to that?

Loyd Blankenship 

I am a hacker, and this is my manifesto.  You may stop this individual,
but you can't stop us all... after all, we're all alike.

You may recognize this quote from the hacker manifesto. This famous manifesto was written by none other than Loyd Blankenship. His writings helped to inspire a generation of hackers to drop the controller and pick up a linux distro. He was a member of the Legion of Doom hacker group and has been hacking since the 70s. You could call him one of the fathers of modern hacking. Whatever you call him, he’s definitely an OG.

 

Julian Assange started hacking when he was 16. He broke into NASA, the Pentagon Citibank, Stanford, and Lockheed Martin. His biggest accomplishment was founding WikiLeaks. He is currently in the Ecuadorian Embasy in London trying to prevent his Extradition.

What is a Social Engineer?

Social engineers are nothing new to society. In some sense they’ve always existed but they’ve just been going by different names. Conman, grifter, flimflammer, trickster. I think you get the point. A social engineer is a person who uses his social skills to manipulate people or organizations (or in some cases entire societies) into giving him what he wants.

Micro scale social engineering however is very different from macro scale social engineering. An example of micro scale social engineering would be when a conman tricks someone into lending him money and not giving it back (an inelegant con, but a con none the less). An example of macro scale social engineering would be wartime propaganda used to convince a society to support the war effort.

So where does this become relevant to me as a hacker? If you’re hacking a target you may find that public exploits are not available because the target is kept up to date and security is seemingly airtight. But often times the weakest link in an organization is the human behind the desk. With social engineering you won’t even have to crack open your terminal to gain sensitive data and potentially access to a target. I’ll cover more in depth about methods employed by social engineers in future articles, but a great book to learn more about social engineering from a hackers perspective would be Social Engineering: The art of Human Hacking. Go check it out or google around and do some research of your own.

3 Types of Hackers (which one are you?)

What is a hacker? According to google it is “a person who uses computers to gain unauthorized access to data.” But what are the different motives of hackers and how do we define the difference? Hackers are typically divided up into three subcategories. You’ve got White Hats, Black Hats and Grey hats.

White Hat: a hacker who hacks legally/ethically for profit or non-profit. Penetration testers, security consultants, computer forensics and incident response teams are just a few examples of the roles that white hats will often play within the public and private sectors. You can usually find them at big tech conventions like Black Hat or DefCon as well as various freelancing websites.

Black Hat: a criminal hacker who hacks illegally for fun, profit, revenge or a whole array of nefarious reasons. These hackers are usually found frequenting various underground forums and IRC channels.

Grey Hat: These hackers are typically harder to pin down. They may or may not be bound by an ethical or legal code but you won’t find them committing malicious crimes. Most hackers fall within black or white hat but there is definitely a spectrum as not all white hats are ethical and not all black hats are criminals.

With that being said guys, there are a whole lot of reasons why hackers start hacking and I couldn’t even hope to list all of them but understand that there is definitely a moral line and a legal line that you have to identify before you do anything you’ll regret.