Book companion

Practical Hacking

Practical Hacking is a four-part, hands-on guide I co-authored that walks newcomers through setting up a lab, hacking boxes, working without automation, diving into web vulns, and climbing to root/Admin with privilege escalation. Use the chapter links below to jump straight into each section.

Chapter links

Quick access to every chapter on GitBook.

  • Preparation: Get a Kali VM running, connect to Hack The Box, and sort basic tooling (VPN, clipboard, fullscreen).
  • Part 1 – How to hack: Methodical four-step approach: enumerate, find vulns, exploit, and start privesc, mostly with automated tools.
  • Part 2 – Hacking manually: Manual payloads, listeners, file uploads, Metasploit by hand, nmap scripting, and credential abuse basics.
  • Part 3 – Web hacking: Web fundamentals, OWASP Top 10, SQLi/LFI/RFI, DNS tricks, and Burp/dirb/dirsearch/sqlmap workflows.
  • Part 4 – Privilege escalation: Windows and Linux privesc playbooks: sudo checks, SUIDs, cron, kernel exploits, PowerUp, and exploit suggesters.
  • What now: Next steps: more HTB boxes, writeups, OSCP, advanced labs, and further study paths.

Who this is for

Anyone who wants a practical, lab-first path into hacking and pentesting fundamentals: beginners spinning up their first Kali VM, defenders wanting attacker empathy, or practitioners looking for a structured refresher.