The most basic thing to start with is learning all (or at least the major and powerful) configuration options of your target technologies. Even if that alone won't make you a hacker, it lays a solid hacking foundation and enables quick pranks.
Tricks to get superuser access on a system (call it administrator or root authorization). There are several ways to do so, which will be discussed in "Part1# Hacking Cycle" of this guide. For now, look up the basics under the terms 'KonBoot' (bypasses the local login password check at boot) and 'OphCrack' (cracks Windows password hashes with rainbow tables).
- Expertise Based
It simply means that in the initial phase one should pick the coding platform one is most comfortable with. Developers with some experience could go for C++, Python, Ruby, Perl, Node.js, etc. Similarly, people coming from system administration could make an entry using shell scripts or PowerShell.
- Domain Based
At an advanced stage, the choice of language depends on the target to be hacked. A typical network hacking tool can be written as a script in Perl, Python or Ruby, where it is quick to add or update at every user's end and there is very rich library support. But a hard-to-trace virus/worm/daemon is better coded in C/C++ or even Assembly, since it needs no interpreter on the victim and gives full control over the binary. Memory overflow attacks require knowledge of Assembly language, because crafting payloads and return addresses means reading the compiled code.
Any service or standard goes through a series of brainstorming sessions and gets formulated into a set of protocols: RFCs for networks, JSRs for Java, or similar standards. These are the basis of the big, robust technologies built on top of them. If you are able to find a loophole in the standard itself, the entire castle falls, because every conforming implementation inherits it. Even if you can't break it, reading it helps you understand the technology well.
Use Linux, Windows or Mac; all OS platforms have their flaws to be exploited and get pwn3d. System-level attacks differ on each OS, so you need fine-grained exploitability know-how of your chosen system.
Several memory overflow techniques need to be tweaked if the processor has a built-in protection in place (e.g. the NX/XD bit that marks stack pages non-executable, which is why plain shellcode on the stack gives way to return-oriented techniques).
Several network devices have a specific, well-known flaw which can be exploited far more easily than a generic break-in.
Old hardware devices on a network are a weak link: they can't be made fully robust for device-level authentication because they lack support for it and must rely on MAC-based authentication, and a MAC address is trivially spoofed.
- Devices & Topologies
Information about the different network components, i.e. systems, communication channels and networking devices.
How all the network components are arranged in a certain pattern (the topology), which decides the flow of traffic and its availability.
- IP Addressing
The algorithm and address classes behind IP addressing
Basics of subnets, supernets and NAT (Network Address Translation)
IPv4 & IPv6: problems, updates and working standards
- Name Servers
Working principles of DNS, root servers and DNS zones
Flaws in basic DNS (answers are not authenticated, so a spoofed response that matches the outstanding query gets cached) and the attempt to fix that with DNSSEC, which signs the records
& much more, like wireless, encrypted channels, tunneling, etc.
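The subnet and supernet arithmetic mentioned above, as an added worked example (this is editor-supplied code, not part of the original guide). It does the mask math by hand so the reader sees what a router or a scanner actually computes, and checks the result against Python's standard `ipaddress` module; the addresses used are constructed sample inputs.

```python
"""Added example: IPv4 subnet / supernet arithmetic done by hand and checked
against the standard library. Not from the original guide."""
import ipaddress


def ip_to_int(ip: str) -> int:
    """Pack a dotted quad into a 32-bit integer (network byte order)."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_mask(prefix: int) -> int:
    """/prefix -> 32-bit mask with the top `prefix` bits set."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet_info(cidr: str) -> dict:
    """Network, mask, broadcast and usable-host count for a CIDR block."""
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = prefix_mask(prefix)
    network = ip_to_int(ip) & mask            # clear the host bits
    broadcast = network | (~mask & 0xFFFFFFFF)  # set the host bits
    # /31 and /32 have no separate network/broadcast addresses (RFC 3021),
    # so every address in them is usable.
    hosts = 2 ** (32 - prefix) - 2 if prefix <= 30 else 2 ** (32 - prefix)
    return {
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "broadcast": int_to_ip(broadcast),
        "usable_hosts": hosts,
    }


def same_subnet(a: str, b: str, prefix: int) -> bool:
    """True if a and b land in the same /prefix, i.e. talk without a router."""
    mask = prefix_mask(prefix)
    return ip_to_int(a) & mask == ip_to_int(b) & mask


def supernet(cidrs) -> str:
    """Smallest single CIDR covering all given blocks (route aggregation).
    The prefix length is the number of leading bits shared by the lowest
    and highest address in the set."""
    nets = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    prefix = 32
    while prefix > 0 and (lo >> (32 - prefix)) != (hi >> (32 - prefix)):
        prefix -= 1
    return f"{int_to_ip(lo & prefix_mask(prefix))}/{prefix}"


if __name__ == "__main__":
    # Constructed sample inputs; the library must agree with the hand math.
    info = subnet_info("192.168.10.77/26")
    lib = ipaddress.ip_network("192.168.10.77/26", strict=False)
    assert info["network"] == str(lib.network_address)
    assert info["broadcast"] == str(lib.broadcast_address)
    assert info["usable_hosts"] == lib.num_addresses - 2
    print(info)
    print("10.0.0.1 and 10.0.1.1 share a /24:", same_subnet("10.0.0.1", "10.0.1.1", 24))
    print("aggregate:", supernet(["192.168.0.0/24", "192.168.1.0/24"]))
```

Two things worth noticing when scanning a network: a host answering from an address outside the subnet you computed is either multihomed or behind NAT, and an aggregated supernet that is wider than the sum of its parts (as with two non-adjacent /24s) means the route also covers address space nobody has assigned.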
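The DNS flaw mentioned above, as an added worked example (editor-supplied code, not from the original guide). It builds a query the way a stub resolver does, parses a constructed response, and shows what a classic resolver checks before caching an answer: a 16-bit transaction ID and a matching question section, neither of which is authenticated. All names and addresses are constructed sample data from the documentation ranges.

```python
"""Added example: minimal DNS query/response codec (RFC 1035 wire format)
and the acceptance check of a classic, pre-DNSSEC resolver. Not from the
original guide; the sample names and addresses are constructed."""
import struct


def encode_name(name: str) -> bytes:
    """Labels as <len><bytes>..., terminated by a zero-length label."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"


def build_query(txid: int, name: str, qtype: int = 1) -> bytes:
    """Header + one question; flags 0x0100 = RD set; qtype 1 = A, class 1 = IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def build_response(txid: int, name: str, ip: str, ttl: int = 300) -> bytes:
    """Constructed answer: flags 0x8180 (QR, RD, RA), the question echoed,
    and one A record whose owner name is the pointer 0xC00C back to the
    question name at offset 12 (RFC 1035 name compression)."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)
    rdata = bytes(int(o) for o in ip.split("."))
    rr = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata
    return header + question + rr


def read_name(msg: bytes, offset: int):
    """Decode a possibly compressed name; returns (name, offset after it)."""
    labels, end = [], None
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # compression pointer: 2 bytes, top 2 bits set
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:        # the name ends after the first pointer
                end = offset + 2
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode())
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_message(msg: bytes) -> dict:
    """Parse header, the first question and the answer section."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    qname, offset = read_name(msg, 12)
    qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
    offset += 4
    answers = []
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {"txid": txid, "flags": flags, "question": (qname, qtype, qclass), "answers": answers}


def accepts(query: bytes, response: bytes) -> bool:
    """Everything a classic resolver ties an answer to: QR bit, same 16-bit
    transaction ID, same question. Nothing here proves who sent the packet."""
    q, r = parse_message(query), parse_message(response)
    return bool(r["flags"] & 0x8000) and q["txid"] == r["txid"] and q["question"] == r["question"]


if __name__ == "__main__":
    query = build_query(0x1234, "example.com")
    genuine = build_response(0x1234, "example.com", "192.0.2.10")
    forged = build_response(0x1234, "example.com", "198.51.100.7")  # attacker guessed the ID
    print("genuine accepted:", accepts(query, genuine))
    print("forged with matching ID accepted:", accepts(query, forged))
    print("forged with wrong ID accepted:", accepts(query, build_response(0x1235, "example.com", "198.51.100.7")))
```

With only the transaction ID to guess, a spoofed answer succeeds once in 65536 tries (fewer if the ID is predictable); randomising the UDP source port added roughly another 16 bits of guesswork, and DNSSEC removed the guessing game by attaching signatures that a forged record cannot carry.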
Get acquainted, converse and gather information.
Mimicking or posing as someone without raising suspicion.
Right Dress for Right Job
Suppose one aims at 'Dumpster Diving' to gather internal information an organization has dumped carelessly; here formal dress is the highlight.
You go in posing as a visitor with an appointment, so don't dress funky.
'Big brave attempts', like trying to tap into telecom lines for a political-level Man-in-the-Middle attempt: dressing like your local telecom line engineer is obviously the only way to remain unnoticed while working in public.
...and similar scenarios.
Blend in with others.
Lots of components go into making a technology, and a loophole in any of them could compromise the technology at different levels.
So one needs an overview of all components to have a working knowledge of the technology to be victimized, and in-depth knowledge of the component chosen as the target for breaking into the system.
If you are in the middle of a hack (a system break-in) and notice a new technology component or behaviour, it might be administrator-level advanced tweaking or a block on manual read access.
Or it might be a new security control restricting your move, or a honeypot logging it.
Such scenarios require the hacker to be a quick learner and to exploit the 'vulnerability with a twist'.
To rip apart a well-working system/service/protocol, good analytical technique is an obvious requirement.
A hacker therefore needs a repeatable technique for taking a system apart.
Hacking a service/protocol is similar to developing it. Both start with a problem: it is developed because of the problem of its non-existence, and hacked because of its failure to provide a desired feature.
If a hacker feels a service is not built to behave in a desired manner despite being capable of it, there is the 'problem' to be solved. So one needs to be a good solution finder, i.e. capable of finding a way to make the service behave as desired using the available and (mostly, not always) allowed resources.
Lie To Me
(in Social Engineering) you need to think up several stories to tell while posing as someone, and make your victim hand over the information willingly without raising suspicion; that requires a neat mind game and lying tactics.
(in Software Engineering) you need to devise fake, unverified technology components, like forged or expired digital certificates, in the hope that they will be accepted. Such scenarios are like real-life lying and need a brain with good lying techniques to think them up. The caveat: a correctly configured client checks the chain of trust, the validity period and the hostname, so this only works where verification has been disabled or the trust store has been tampered with.