I'm talking about the kind of crackers who penetrate in systems, create zero-day exploits and the like. I never met one (obviously!) but I wonder how do they learn their stuff. Do they read deep tech stuff regularly? I assume they already known all the internal details of whatever system they are trying to crack (e.g., TCP/IP, ssh, HTTP, Linux, etc.)... I guess they learnt that stuff at some point in the past and then moved on. Moved on to what? I suppose they stop 'reading' and started to 'produce'; they don't learn from others, they are the source of knowledge for some topics (I mean, a zero-day exploit is something that cannot be learnt... one must come up with it based on previous accumulated knowledge).<p>I guess I won't ever be able to know how real "crackers" learn by just searching on the internet... but since HN, perhaps you guys know a guy that knows a guy that actually knows how real crackers learn. Would be interesting to read that!
Best to replace the term 'cracker' with security research, penetration testing, network security and there will be results. Also go broader than 'guy'. There's training programs, newsletters, books, certification, conferences. It's an industry of its own.<p>Ask HN: How do security researchers know where to look for vulnerabilites? <a href="https://news.ycombinator.com/item?id=17176711" rel="nofollow">https://news.ycombinator.com/item?id=17176711</a><p>Ask HN: How did you get started in Network Security/Penetration Testing? <a href="https://news.ycombinator.com/item?id=15152957" rel="nofollow">https://news.ycombinator.com/item?id=15152957</a><p><a href="https://github.com/enaqx/awesome-pentest" rel="nofollow">https://github.com/enaqx/awesome-pentest</a>