Saltdispenser Posted December 24, 2020 Share Posted December 24, 2020 Hi all, I'm a high school senior with experience in web dev and programming, among other computer related things. However, I'm fairly new to this scene and was wondering if someone could help me choose some products. I mentioned my experience, primarily in web dev, because I was hoping to learn more about the networking side of things. My goal is to learn as much about networking and ethical hacking as possible, and looking at the Hak 5 website, it looks like there are a plethora of products to chose from. Obviously, because I'm quite the noob, I don't know which products will help foster a quick and safe learning environment. Also, as I'm sure it needs not to be said, I'm quite broke :) Because of this, I've narrowed down the list of items to the Rubber ducky (just seems fun), the Lan Turtle, Shark Jack, and Plunder Bug Tap. I'm vaguely aware of what each and everyone of them is capable of, but I don't know which best suits my needs. Again, I'm just interested in safely learning about this field seeing as it's not only relevant to my future coursework, but should probably be common knowledge to all. Hope this post doesn't annoy anyone! Just a plebe making his way in the world :( Note: If it matters, I've "mastered" the CLI. Also, I was recommended the Raspberry Pi's by a school teacher and was provided a bunch :) Link to comment Share on other sites More sharing options...
Gweedo Posted December 24, 2020 Share Posted December 24, 2020 So I'm going to try to fill in as much holes as I can for you, so you can understand why you should choose what. Please don't get annoyed at the potential long-windedness. Hak5 gear is great stuff, so we will start with that. The Rubber Ducky is a perfect start for cost and simplicity, but for a little more you could just get the Bash Bunny. It does everything the Ducky does and more, like being able to use your web skills to build captive portals and such. For your other three options they are not far apart in what they do, but they each have their own uses based on certain advantages and disadvantages between them. For example on-board storage or not, inline or only connected to one device, what they can do and test for based on those difference... You might want to check out the Packet Squirrel as an alternative. Hak5 gear and learning... Hak5 gear is mostly for individual needs that can be great for either hackers or even just IT specialists doing tasks as simple as automating system updates. I say "hackers" because the color does not matter in this case. All hackers hack roughly the same. The differences between white and blackhats are how they apply those methods for what reasons. To ethically test some of those tools you will have to have your own systems or someone willing to let you play with theirs. Which brings us to... The Raspberry Pis. Play with those as much as you can. I do not know which versions you have but some fun projects along the lines you are looking for: Pi0 used as a PoisonTap, any Pi used as a web server or C2, recommend a newer Pi for an EvilAP, you can even turn one into a pirate radio with only two wires... Once you get a feel for the direction you want to focus on, then look at the Hak5 tools that you can use to test some of your own setups. Harden your setup, test again, and the learning cycle just continues. Link to comment Share on other sites More sharing options...
Saltdispenser Posted December 25, 2020 Author Share Posted December 25, 2020 7 hours ago, Gweedo said: So I'm going to try to fill in as much holes as I can for you, so you can understand why you should choose what. Please don't get annoyed at the potential long-windedness. Hak5 gear is great stuff, so we will start with that. The Rubber Ducky is a perfect start for cost and simplicity, but for a little more you could just get the Bash Bunny. It does everything the Ducky does and more, like being able to use your web skills to build captive portals and such. For your other three options they are not far apart in what they do, but they each have their own uses based on certain advantages and disadvantages between them. For example on-board storage or not, inline or only connected to one device, what they can do and test for based on those difference... You might want to check out the Packet Squirrel as an alternative. Hak5 gear and learning... Hak5 gear is mostly for individual needs that can be great for either hackers or even just IT specialists doing tasks as simple as automating system updates. I say "hackers" because the color does not matter in this case. All hackers hack roughly the same. The differences between white and blackhats are how they apply those methods for what reasons. To ethically test some of those tools you will have to have your own systems or someone willing to let you play with theirs. Which brings us to... The Raspberry Pis. Play with those as much as you can. I do not know which versions you have but some fun projects along the lines you are looking for: Pi0 used as a PoisonTap, any Pi used as a web server or C2, recommend a newer Pi for an EvilAP, you can even turn one into a pirate radio with only two wires... Once you get a feel for the direction you want to focus on, then look at the Hak5 tools that you can use to test some of your own setups. Harden your setup, test again, and the learning cycle just continues. Copy that, I appreciate the help! Your message has given me a better idea of how and what I plan on doing next. I've got an RPi3, and I'll be putting up my site soon using Apache. From there, I'll attempt to "attack" my own site and learn on the fly. This response was exactly what I was looking for, thank you very much! See you in a few years 😉 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.