-

11 min read

Learning to Hack: from Poetry to Pwnbox

Learning to Hack: from Poetry to Pwnbox
"It is better to know some of the questions than all of the answers."

— James Thurber

This may come as a surprise to many of you, but after 2 years working in tech and 3 years since my first “hello world,” I don’t know everything about computers.

A monkey puppet looking shocked. The text "acting surprised" is written on the top of the image

Shocking, I know. Despite my ability to help older relatives switch HDMI inputs and connect printers to a home Wi-Fi, I am still woefully un-educated about a variety of specialized areas within the tech business. When I was at GitLab, the first day I heard the word DevOps was the day I read the application for the position of Education Evangelist. So, I set about learning: I was reading articles, books, taking courses, reading internal documents, all of this while designing and creating materials for Information Systems and Computer Science courses on how to use GitLab, a tool I had only just started using.

But that made me valuable because I was a new learner. So, I knew where students and educators might get stuck; I saw concepts that took longer to figure out and was able to convey my recent struggles into a more effective way to teach this knowledge.

So now here I am at ProjectDiscovery, a cybersecurity company making Open Source products for assessing vulnerabilities in users’ tech stacks. And of course, if you’ve read this far, you know what comes next.

I do not know what “vulnerabilities” means.

Ok, well, that’s not entirely fair. After all, when I first interviewed in February, I did Google the company. And read their GitHub and blogs. But since I was focusing on the software development lifecycle at GitLab, I hadn’t really touched security until the last few months of my time there. So I did what I did previously when I was first transitioning to a new career.

And that’s what this article is about. I’m documenting how I started learning about cybersecurity so YOU, yes you reading this article, can get started on your own learning journey. I’ll talk about the courses, tools, and methods I used to learn all about cybersecurity. So here we go, dear reader: four resources I’m using to learn about Cybersecurity, bug bounty hunting, and pentesting.

the original cast of the power rangers from a PSA saying "it's learning time!"

1. Codecademy

I can’t say enough good things about Codecademy. It’s a big reason I’m where I am today. From C# to Web dev to Python and eventually security, I did much of my learning there. I have 12 certificates so far, and I am working my way through the Computer Science path, which I see as about as close as I’ll get to going back to school for a degree (it’s not the same, obviously, but it IS providing valuable background information my degree in reading and teaching poetry didn't cover)

Four courses that helped me get ready to learn security were Introduction To Ethical Hacking, Scanning with NMap, Introduction to Linux, and Fundamentals of CyberSecurity. These four courses gave me a base upon which to build my knowledge of how modern hacking works, and with that base, I can build a knowledge of tools and techniques on how to manipulate the way modern tech stacks are configured to help me better know what to look for when scanning for vulnerabilities.

Codecademy is helping me solve for what I consider my area where I’m lacking the most: background knowledge. There’s plenty I know I’m good at: I’m an excellent communicator (Thanks me! Oh, you’re welcome, me!) and genuinely enjoy working with people in communities to give them the support they need to get their own work completed. A lot of what I’m good at and what I am knowledgeable about are considered soft skills, which means I’m behind in technical knowledge.

a monkey typing at a laptop and then holding it's head in frustration

I use Codecademy to specifically fill in those gaps in my knowledge. Learning about the way different layers of a network work together to bring me funny TikToks on my phone is a process I knew very little about, besides resetting a router once in a while or doing a speedtest to make sure my connection is working right. These four courses, plus all the other skills, paths, and courses I’ve taken on Codecademy are absolutely essential to my career change, and continue to help me as I work in a new field. So, now how do I build upon that knowledge?

💡
https://www.codecademy.com/

Cost:
Three tiers, from $0 to $60 a month. Discounts for paying annually instead of monthly. Highest tier includes career path courses and a technical certificate at the end.

2. Hack the Box (Academy and Labs)

When I was in high school, I told my friends in a punk band that I knew how to play drums. I did, but not very well. My dad was a professional and I knew some of the basics from him. So, I could keep time, but I wasn’t very technically gifted. Anyway, my friends wanted me to join their band and I did and it did not go very well at all. Falling behind on tempo, missing cymbals, dropping sticks. It was a disaster. So, I knew a little bit about what to do, but I messed up by misrepresenting my abilities.

a scene from a 1940's movie where a man is softly hitting two bass drums with sticks while dancing.

I never made that mistake again.

So when I interviewed at a cybersecurity company, I told them, “I haven’t done security before, but I’m ready to learn, and you’re in luck because I love to learn.” I started right then, after my initial interview but before my offer came through, with Codecademy and another remarkable tool, Hack the Box, also known as HTB.

Hack the box has several avenues you can take to learn hacking, pentesting, and lots of other security related tools. I knew I needed the structure of a class format as well as some practical experience, and luckily, they have both.

Hack the Box Academy is structured into multiple modules about helping you learn the hacker mindset and the techniques available to bypass security measures. I’m focusing on the bug bounty path since that’s what ProjectDiscovery has a lot of its work in. Understanding the phases of hacking (with reconnaissance apparently being the most important to success) and the way tools function, not just what they do but how and why, are covered in these courses. I take notes on the reading sections, open up their in browser parrot Linux instance, and get to try these tools on IP addresses they provide.

It’s challenging for me. Very, very challenging. The questions you must answer to move forward are not answers you can find in the reading beforehand; there is very little in the way of hand holding that might be required for new learners. In addition to these courses, there’s also single machines with a capture the flag task. That’s where Hack the Box labs have proven useful. I’m given an IP address, an objective, and several questions to answer along the way, and by the end I’ve successfully hacked a real website (well, real enough). Often, the indicator of success is finding a hidden `flag.txt` somewhere on the website. This has been hidden in share folders, subdomains of subdomains, or within admin access only areas of servers, websites, and systems.

Labs are grouped by difficulty, and the easy ones come with walkthroughs in case you get stuck. Academy is where you learn how to do it and how to use the tools, labs are where you practice on a target and use a walkthrough if you want.

The learning on Hack the Box curve can be steep, there’s an assumption that you already know a certain amount about Linux, computer systems, and network architecture. I started to notice that I was behind on some of this knowledge, and it wasn’t quite enough from Codecademy. So, I started looking for other places to build hacking knowledge specifically. And that led me to TryHackMe.

💡
HTB Labs: https://app.hackthebox.com/home
HTB Academy: https://academy.hackthebox.com/

Cost:
Labs: $0 - $20 a month
Academy:
 Yearly: $490, opens everything. Includes an exam voucher
 Monthly: $18 - $68 a month to purchase "cubes" that can be used to unlock modules.
 Students: $8/month

Oh, you were wondering what ended up happening with that punk band? I stuck with it, changed the way I approached drums, and got better really quickly. I switched to drums in marching band my junior year and ended up sticking with it through college, Marching for the University of Florida Pride of the Sunshine state and performing at a few national championships for basketball. I worked hard and actually became a good drummer, the kind you like to have playing with your band. It took a lot of work, but I got there. Same as I’m doing now.

Pj sitting behind a white drumset

3. TryHackMe

While using Hack The Box, I discovered A WHOLE BUNCH of gaps in my knowledge and felt some familiar growing frustration. I recognized this as normal in learning something new; when you’re learning an entirely new concept, your brain has to stretch and change to understand it. And it’s frustrating. That’s totally normal.

However, I started realizing that I was missing more than I thought. And Hack The Box seemed designed for someone who already knew things like different network protocols and OSI and a bunch of stuff that I learned TODAY AS I WRITE THIS. Where did I learn these concepts? Partially Codecademy, but I started working with TryHackMe recently, and it is going super well! I’ve got some early wins in their “Pre-security” track and I am finding it a little more friendly than HTB, which is designed to make you think outside the box, much like you would when hacking or pentesting.

TryHackMe, so far, seems designed for newer learners. I needed a little more guidance in some of these concepts before I can just be let loose on a machine and tasked with “pwning” it. TryHackMe has been great so far; in browser machines and tasks are designed not to be like real life, but to teach a concept. This is really important in teaching. You can’t just give real world experience when someone is learning because the real world comes with a great deal of assumptions.

a monkey shoving a laptop of a desk in seeming anger

When learning a new concept, a familiar and comfortable place to try something can help teach the concept and later the skill will build around that concept. Good learning mixes real world applicability and easy concept learning. For instance, in one module learning about how firewalls work, I was tasked with turning off traffic from one IP to another. There was a cute animation on screen and a drop down menu of Ip Addresses that resembled nothing like an IT tool at all, but it helped me understand the flow of traffic through routers and switches much more easily than if I had to use a command line to turn some stuff on and off. Later, I can learn the way actual IT professionals make that happen because I know the /concept/ now.

💡
https://tryhackme.com

Cost:
Free, Premium, and Business.
Premium is billed either monthly ($15/month) or annually ($126/year). 

With all of this knowledge I’m working on, we come to the final place I’m learning about cybersecurity.

4. ProjectDiscovery tools

After doing about 3-7 hours a week of learning, I’ve started to understand the way hacking mentality works, and that predominantly, it’s about gathering as much information as possible, so you can make important decisions about what you’ll do later during an actual hack. And with that in mind, and the knowledge of a few tools like Nmap, Hydra, and ffuf, I started looking into ProjectDiscovery’s tools, and seeing where they fit in with the general work required of people seeking vulnerable systems. The best example of this was with Katana.

So, first off, I said earlier one of the things I needed to learn was how to use Linux, and how to navigate directories using the terminal. I had done that with a course on Codecademy, and had to do it some with HTB as well in order to follow along with their instructions. They provide members with emulated boxes with Parrot Linux on them so that members can practice without having to get their own Linux going. However, I wanted my own Linux instance. I settled on Kali since it seemed to be one preferred by many hackers out there.

ppen gillete from the movie hackers saying "We got one person online the workload is enough for like 10 users. I think we got a hacker"

So, on this Kali Linux instance, I went to install our tools using PDTM, our tool management product. I had all the tools at my disposal, but wasn’t sure what they did at first. Katana was one that I just couldn’t understand at first. Well, as I progressed through HTB I ended up in a lesson about web crawling and how this helps to map out a website and all its subdomains, embedded links, and more. It literally crawls through webpages, following links to see what it can find. Once I learned that, I had a better understanding of what Katana is used for and how it can be used to gather information.

I knew I couldn’t just jump into the tools without learning the designed usage of the tool first. You can’t really understand a drill before knowing what drills are generally used for, otherwise you end up using it wrong. So armed with knowledge of the tools I’m learning on HTB and THM, I’m able to more easily understand the REASON behind these tools and how they’re used in security.

So, the next step for me is to continue with my learning on Codecademy, Hack The Box, and TryHackMe. Then, as I learn, I turn to the toolset we have at ProjectDiscovery and apply what they can do to my own work inside the modules I’m working with.


I spent much of my life thinking there were careers that were out of reach. When my friend first suggested I look into working in tech, I immediately dismissed it because I was bad at math in high school and college. I vividly remember switching to be an English major and celebrating that I only had to take one more math class ever. I assumed coding was math and that it was something I simply couldn’t do. The process that started in the summer of 2020 with my first hello world has not only brought me into a new career, but has fundamentally changed the way I look at myself.

I am capable of learning many things. It will be hard, there will be challenges, but I no longer doubt that I can learn something new anymore. Now, instead of thinking I can't do something, I just think about how long it might take, and how I can make sure my learning sticks.

Happy Hacking, y’all.

The main character from hackers pulling out two 3.5 inch floppy disks and looking in a mirror

If you like this blog, then consider checking me out on Twitch, Thursdays at 3 pm UTC / 8 am PT - https://nux.gg/PD_twitch

We would love to have you join the ProjectDiscovery community!