Open in app

Sign in

Write

Sign in

How to not be a script kiddie in 2022

Amol Rangari
3 min readMar 23, 2022

If you are interested in InfoSec/Cyber security you have probably heard the term “script kiddie/skiddie”. You might’ve wondered what that means. A script kiddie is someone who lacks knowledge in programming and hacking but uses pre-built hacking tools to cause some “damage”.

# Are you a script kiddie?

  • So, do you use massive scanners or other tools without knowing what’s going on?Well, you are a script kiddie. Are you trying to DDoS your friend’s IP address using Low Ion Orbit Cannon? You definitely are a skiddie at this point.

# Is it a big deal?

  • Many cyber-attacks are conducted by script kiddies just for “fun” or to actually cause some real damage. Fortunately for the authorities, as these people are very inexperienced , they also skip the part of hiding their traffic so tracking them is no big deal. What is a big deal tough, is the damage they do. Imagine DDoSing a website for a few hours. Depending on the size of the company/website, this might cause serious damage and that includes : loss of money and loss of customer-trust.

# Are you serious about Cybersecurity?

  • So , at this point I just explained what a skiddie is, I asked you some questions for you to figure out if you are one of them, and also presented you some of the damage that is caused by these people.
  • Let’s say you want to start a career in infosec, or you just want to learn it for other purposes. Here are some of my tips :

-> Learn the methodology:

hacking methodology

Start with each area and learn everything you can about it. For instance “Reconnaissance/Information gathering”. Learn how you can map a system/network and find everything that is related to your target. You get the idea.

-> If you do use pre-build tools, understand what they’re doing.

Let’s say you use nmap for scanning a machine. Do you know what is going on? If the answer is yes, and you truly know what the program is doing , then you can keep on using nmap for convenience but if the answer is no, research nmap, look through the code, ask people more experienced than you etc. What is important, is to understand what these tools are doing. You use metasploit, great. Do you understand how the exploit you just ran works? What vulnerability does it take advantage of ? You get the idea.

-> Learn programming

At this point, you might’ve already looked up “do you need programing for hacking”. My answer is yes. I don’t mean knowing it very in-depth, I mean knowing how to code scripts to automate your work, how to code simple backdoors , how to code a port scanner etc.

  • These are my tips on how to get started with cyber security. Thank you for reading through and I hope you have a wonderful day!
Cybersecurity Awareness
Cybersecurity

--

--

Amol Rangari

Written by Amol Rangari

125 Followers

I am Cyber Security Expert, Security Researcher and bug hunter

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams