Hackthebox Web Challenge I Know Mag1k

This means that the whole section on cryptanalysing substitution ciphers is applicable, and will not be repeated here. Should i need to know basics of exploit development ? You should know how to exploit a basic vanilla buffer overflow at bare minimum. Challenge HackTheBox or OverTheWire, etc. Knowledge in web concept and pentest is so much important for participant to solve the challenge. View Cher Boon Sim’s profile on LinkedIn, the world's largest professional community. Ok, so we know there's nothing embedded in that file, now what? If you've been following along with my challenge walkthroughs, you might remember Inferno and the god-awful esoteric language Malbolge. Hack the box Forensic Challenge Library:The security team was alerted to suspicious network activity from a production web server. challenge, hackthebox, reversing, Web Development (5) Follow Blog via Email. Today we are going to solve another CTF challenge “Cronos” which is available online for those who want to increase their skill in penetration testing. The message states that some source files should be stored somewhere. An NT hash exposed through LDAP allowed authentication to a samba share with a pass the hash attack. So to get an Hackthebox Invite Code actually turned out quite difficult for me, as I didn’t know Javascript or any Web Dev language really. I do have a cookie, and I have decoded it. Challenge Master is a website that hosts cyber security-based challenges for the Unofficial Cyber Discovery Discord Server. Assuming we have already done the memory acquisition of the suspect system, the first step is to identify the image file. Execute the following command to grant sudo right to logged user and following post exploitation is known as wildcard injection. [Hackthebox] Web challenge – I know Mag1k Posted on December 23, 2018 by Phantom Michael (๖ۣۜC๖ۣۜo๖ۣۜT๖ۣۜP) Hi guys,today we will do the web challenge – i know mag1k on hackthebox. View Harsh Modi’s profile on LinkedIn, the world's largest professional community. To get an invite to hack the box you have to do an entry level attack against their website, while not completely trivial it wasn't a 10 second deal. You should certainly. Most Linux users probably know the program Screenfetch: the tool that retrieves a lot of information about a computer (such as OS, theme, and hardware). Another useful observation we is that we’re being redirected to forum. If you’re following or reading my twitter timeline (@devsecopsgrl007), you will know that I am currently taking SANS SEC542 – Web App Penetration Testing. gets asked the most. To get crypto adopted in a country where only 11% of the population has a bank account will take years of painstaking drive. The application properly denied uploading dynamic scripts (eg. Korumalı: Web Challenge – I know Mag1k HackTheBox,I know Mag1k ,Web Challenge Ahmet Akan Nisan 4, 2019. Hack The Box Reversing Challenges Find The Easy Pass. Introduction to Dmitry:-So in this post i am going to tell you How to use Dmitry in Kali Linux to gather information from your target. 问题描述: Can you get to the profile page of the admin? 访问分配的地址,是一个带注册的登入页面: 尝试常规注入,无效 来到注册页面注册,再退出,在使用已有的用户名登入会发现有一个用户名枚举的漏洞. Here is a service that i very much enjoy. The name of the challenge is "Inferno", I wonder if that has anything to do with Dante's Inferno. In an ideal world, all you should need is the necessary experience (work, school, or otherwise) to get the job. Web: https://www. Next you may want to check the Distribution XML to understand if there are any special execution conditions. Not only is the public allowed to know this number, but for security reasons the public key holder normally wants everyone to know it, to prevent someone else from maliciously impersonating them by giving out some other value of n. Remember, it takes time to learn - you need to enjoy the process of learning, or you will never get to your end goal!. sinister geek 3,190 views. See the complete profile on LinkedIn and discover Scott’s connections and jobs at similar companies. This time back with Hackthebox challenge !! Downloaded the file on clicking the download button and already mentioned that password for Zip file is hackthebox This is the txt file I got inside zip file Stuck at this?? This is substitution cipher Your Question - How I got to know about it ?. Assuming we have already done the memory acquisition of the suspect system, the first step is to identify the image file. Special note. In order to gain access to the site, you have to "hack" yourself an invitation code. But to Register you need to complete a challenge only then you can register. Umer has 6 jobs listed on their profile. [email protected] 38 Walton Road Folkestone, Kent CT19 5QS, United Kingdom. melihat file-file yang ada di directory ini dari hasil dirbuster yang sebelumnya saya melihat panel. They understand the challenges that operations has and don't beat on them. I do have a cookie, and I have decoded it. I know Mag1k ! hackthebox (web challenge) sinister geek. When Bad things happen to an organization, they usually go to law enforcement and the legal system for compensations. The thing is, if you know this field, you know that this certification is worthless; it's just an expensive piece of paper. But still I wanted to do it. I suggest taking a look at the full syallbus to get a better idea of what you need to know. Write-up of the fs0ciety misc challenge by subzer0x0 on HackTheBox. Padding Oracle is based on…. I'm not saying that people fresh out of school can't become great pentesters, they definitely can -- I know several. Then I recalled how it all started and why. eu, but I must say it was a lot of fun. I got web testing work twice (sad I didn't get more, but in time it will increase), got some research work currently which is cool too. Wargame Sites. The tool we are going to discuss in this post is Graylog, but first let’s look at Log Continue Reading →. Reversing Challenge: Snake HTB - Learning to hack the planet Read more. [email protected] Any questions about any step or want me to make more video please. First we need to submit a PHP code like on the web server through netcat to have our PHP code recorded on the access log. Robot Hack - Password Cracking - Episode 1. Defiantly much more of a challenge than the first Access machine I attempted. Posted in Crypto, Web Exploitation by EternalBeats Leave a Comment on [HackTheBox – CTF] – I know mag1k Diberikan sebuah web berisikan login dan register page. If you fail after considerable tries or you want to know a method which may be different than yours, you can follow along below. I'm new on this site and maybe I didn't understand how to report the flag discovered. So to get an Hackthebox Invite Code actually turned out quite difficult for me, as I didn't know Javascript or any Web Dev language really. hackthebox web challenge Emdee Five for Life. Gh0s7's Lab. Also as an entry pen tester you probably won’t get more than 30-40k (trust me I know). You signed in with another tab or window. Website Link: https://www. Gain access to the website and fetch the document C:\candidate_evaluation. We know from the previous nmap scan that friendzone. Public profile for user PsykoPrince. Aragog was a delightful challenge on HackTheBox. Hackthebox – Swagshop August 29, 2019 September 28, 2019 Anko 0 Comments CTF , hackthebox , magento As with any machine, we start with a portscan and find out that only ports 22 and 80 are open. I know enough to pilot myself on Kali Linux through the PWK labs and the OSCP cert, and probably approach a Linux administrator job. You signed in with another tab or window. HackTheBox Crypto Challenge içerisinde bulunan "Infinite Descent" uygulamasının çözümü. My computer clock says 1:09 am and my eyes were still wide open with my brain exploring various paths available to me as my next step towards hacking the target box. Hackers are using a bug in PHP7 to remotely hijack web servers - The Next Web new Teen claims her Facebook account was hacked in murder plot to kill ex-boyfriend - CrimeOnline new This phone scam has resulted in millions of dollars lost to hackers. The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. Initial Enumeration. hellboundhackers solution for Basic Challenge I am referenced to this website https://www. Write-up for the machine Active from Hack The Box. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). Here is the solution of HacktheBox Web challenge(HDC) Step by Step If u Like this Video please Like,Comment,Subscribe my Channel 1. Cher Boon has 4 jobs listed on their profile. Bhanu Namikaze is an Ethical Hacker, Web Developer, Student and Mechanical Engineer. Challenge had been solved. Remember, it takes time to learn - you need to enjoy the process of learning, or you will never get to your end goal!. Let K be the key matrix. [email protected] 38 Walton Road Folkestone, Kent CT19 5QS, United Kingdom. Utilities needed: Kali VM, web browser, internet access, luck. Let fireup the namp on ip of devoops which is 10. Reversing Challenge: Snake HTB – Learning to hack the planet Read more. red to grab DNS data for this domain:. Feel Free to let me know any of your concerns about hacking or let me know if you need any more methods on hacking anything. " I also guessed a login as guest:guest. Changed the value to "admin" and encrypted using the tool which I decrypted it. Maybe the chief didn't know that the worst thing someone can do is to challenge hackers to hack, come-on sir hackers hack. I suggest taking a look at the full syallbus to get a better idea of what you need to know. Kamran Saifullah. LIST OF CHALLENGES ID Challgenge Done 1 [30 Points] HDC 2 [50 Points] I know Mag1k 3 [70 Points] Grammar 4 [20 Points] Lernaean 5 [30 Points] Cartographer 1. You need a paid subscription ( £10/mo which is fair price) to access retired machines. The name of the challenge is "Inferno", I wonder if that has anything to do with Dante's Inferno. ~InfoSec Enthusiast, Bug Bounty Hunter, CTF Player, Tea & Coffee Lover. The instant reaction is to look at the source code, which you can do by opening up the Web Developer option and clicking on Debugger (or Ctrl+Shift+S). Only a few satellite dishes on the roof hint at what lies inside: a labyrinth of … Continue reading "Talking Heads: behind the scenes at Eurosport". Are you a beginner who wants to learn hacking but don’t know where to start? If so you are at the right place. Public profile for user sp3ctr3. The whole point in the invite code challenge is to ensure those who have signed-up have the thought process and basic skills to be able to do the challenges. me is one of those great resources every wannabe hacker should know. This HackTheBox is owned by team ErrOr SquaD @prial261 with the score 700 out of 1200. Sigh, let's Google "esoteric programming languages"… holy shit, there's actually a Wikipedia article titled that. After, a bunch of BashFu commands and tricks that I know and that I used and got over the net nothing worked :'( I felt like I am completely out of the SCOPE because the challenge is about getting the flag and I was trying to get ROOT :-3 What a stupid guy -. Most of the techniques explained in the presentation were not new although I did not know that initia. The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. Really happy to see a domain controller finally pop up in HackTheBox. Active and retired since we can't submit write up of any Active lab, therefore, we have chosen retried Shocker lab. Each challenge is associated with a multitude of solutions, related resources allowing you to learn and to see the way followed by other users. The Hellenic team's expenses will be covered by the organisers and sponsors. & to provide the most honest, & informative answers to the questions J. * This is a spoiler. Hello Guys, it been a while since I have wrote a blog. Hawk was a pretty easy box, that provided the challenge to decrypt a file with openssl, then use those credentials to get admin access to a Drupal website. Web Penetration Skills CTF, often have challenge for web hacking. It was also good to have coordinators available at the event to troubleshoot problems with the exploits or help point participants in the right direction. Find a local con, like a BSides event, and meet some new people. If you happen to know more about it, feel free to reach out to us on Twitter: @cyllective. We look beyond the. Hack The Box (HTB) is an online platform allowing you to test your penetration testing skills. CTF Series : Vulnerable Machines¶. It doesn't look like a hash (hash-dentifier can help you there). Not only is the public allowed to know this number, but for security reasons the public key holder normally wants everyone to know it, to prevent someone else from maliciously impersonating them by giving out some other value of n. Reload to refresh your session. Challenge had been solved. i have a Line about the hacking that is - IETPVD-INTERNET EDUCATION TAKES PATIENCE VERACITY DEDICATION. So to get an Hackthebox Invite Code actually turned out quite difficult for me, as I didn’t know Javascript or any Web Dev language really. HackTheBox - Shocker. r/hackthebox: Discussion about hackthebox. It’s an LVM2 image, which contains two logical volumes. This only takes about 10 minutes if you know what you're doing. Sigh, let's Google "esoteric programming languages"… holy shit, there's actually a Wikipedia article titled that. Challenge: Guess the password. HackTheBox Crypto Challenge içerisinde bulunan “Infinite Descent” uygulamasının çözümü. How CTFs Works? (Capture The Flag) The CTFs challenges can be in different themes, but the only purpose of them to gain complete access to machine. This was a good practice of decoding stuff, web exploitation and rop exploitation. In other words users can execute command under root ( or other users) using their own passwords instead of root’s one or without password depending upon sudoers setting. eu I know Mag1k ! hackthebox (web challenge) - Duration: 14:10. First Primitive Year at the Hut. I dont know what the fuck to do, i dont know what the fuck is going on 2. See the complete profile on LinkedIn and discover Corentin’s connections and jobs at similar companies. It doesn't decode to plaintext either. Public profile for user lklick. A definite lesson learned from this challenge – store every information you come across during assignment. There are so many challenges and machines that get released on a weekly basis. Know people from your network. HTB have two partitions of lab i. HDC HackTheBox Web Challenge Walkthrough/Solution. View Nikolaos Vourdas’ profile on LinkedIn, the world's largest professional community. I have to give a large thanks to the creators of the machine who have put a lot of effort into it, and allowed me and many others to learn a tremendous amount. php on line 143 Deprecated: Function create. Hacker: An individual who is intellectually curious and wanted to learn as much as possible about. Let d be the determinant of K. About - Wed, 29 May 2019 16:25:30 CEST This blog will contain security related content, hackthebox. It doesn't decode to plaintext either. Similarly to the last challenge we can make a script that does a grep command for a char and if the char exists in the password than it should return nothing. After finishing the website’s routes, css and images I have the project to my friend and he had a bit of a trouble deploying it on his Apache server. Are you a beginner who wants to learn hacking but don’t know where to start? If so you are at the right place. Got the new cookie but seems I must be doing something wrong as the new one doesn't do anything. This blog post is about the web challenge “EasyPhp” by IceWizard. Since this is my first post and I don't want to spoil anyone I'll try and formulate this in a way people that are not to this stage will not understand ( note to moderators: feel free to edit my comment otherwise ):. At the age of 16 i started drawing, later on, i thought i could start combining my talent along with my Computer Engineering studies to continue my interest further. list of best websites to learn ethical hacking 2019 get certified ethical hacker. While being one the most straightforward challenges yet, pwnable’s “input” challenge took me a while because there was some C/Linux stuff that I either didn’t know, or that I forgot (sockets, aghgh). Web Testing Techniques The main section of the exam, can you test web applications, do you know OWASP like the back of your hand, have you absorbed every bit of information from the Hackers Handbook Series, and have you played at a few CTF's? If so that is a good start. You need a paid subscription ( £10/mo which is fair price) to access retired machines. I know what to do, i dont know what the fuck is going on Haha, i love my job, the place where devs play solitair with their Trello cards. Most people I know that are good/great have background in IT ops and know how to maneuver in those environments. kr version (I actually don’t know if they’re related) the only thing you must do is click “challenges” con the upper left webpage tabs. Espero que les haya gustado este tipo de post, si desean mas post sobre hack the box no olviden dejármelo saber en los comentarios y compartir este post con sus amigos. Chapter 2: Know The Concepts 1) Describe the fetch-execute cycle. eu] Web Challenge 15 January 2019 #. It doesn't decode to plaintext either. Additionally, I'll add that once upon a time l passed the OSCP and sat and tried to challenge the GPEN exam and failed. Only one file to be found which contains a message from a person called Derry to a person called Chihiro. Utilities needed: Kali VM, web browser, internet access, luck. It is not very begginer friendly but you cou. It was also good to have coordinators available at the event to troubleshoot problems with the exploits or help point participants in the right direction. There were 50 "hacker" tickets available and the puzzle was open for about a month. Hasta la próxima ;). Hack the Box Writeup - Sunday Read more. OSCP is considered one of the top certifications within the IT security industry owing to the fact it leans heavily towards the practical element of hacking. You need to hack your way in. Join GitHub today. The point of security is to keep the bad things from happening and support the occurrence of good things. Please feel free to leave me comments on how you completed a challenge or more likely, point out where I went wrong. While being one the most straightforward challenges yet, pwnable’s “input” challenge took me a while because there was some C/Linux stuff that I either didn’t know, or that I forgot (sockets, aghgh). Write-Up. Watch Queue Queue. Korumalı: Web Challenge – I know Mag1k Kategori: Hack The Box,Web Challenge Etiket: HackTheBox,I know Mag1k ,Web Challenge Ahmet Akan Nisan 4, 2019. Getting a limited shell for this particular box is easy but the privilege escalation to root is quite tricky for beginners. now i know that I'm very close to the flag, i just want to find the E-mail address of the individual which we are interested in, so now how. Now to keep true to the HackTheBox spirit, I must ask that you only read this WalkThrough after to compare notes. It's mostly depend on your area of interest. eu I know Mag1k ! hackthebox (web challenge) - Duration: 14:10. This is the difficulty level for a typical 4th grade classroom. Web Challenge; Mobile Challenge ,don't share,HackTheBox,Please Ahmet Akan Code Instrumentation Frame Pointer Overwrite Frida Grammar HackTheBox I know Mag1k. This design challenge may require complex motor skills, understanding of abstract concepts, or unusual materials to build. Spoiler Alert : I suggest you to try to hack your way into the site, before actually reading anything below. HDC Web Challenge — HackTheBox. The CTF are computer challenges focused on security, with which we will test our knowledge and learn new techniques. Join GitHub today. Original Poster 1 point · 1 year ago. Only write-ups of retired HTB machines are allowed. If you fail after considerable tries or you want to know a method which may be different than yours, you can follow along below. Lastly, there was an admin page and a regular user page on the website. I’ll use that access to gain execution on the host via php. Hasta la próxima ;). eu,your task at this challenge is get profile page of the admin ,let's see your site first. You should expect to get some knock backs as you’re learning, it’s totally normal and happens to everyone. When Bad things happen to an organization, they usually go to law enforcement and the legal system for compensations. We can go out and look at various people's values of n; for example, the one for Gmail's web site is. Hack The Box Challenges Read more. Our prompt says: Santa uses an Elf Resources website to look for talented information security professionals. Website Link: https://www. Well without wasting any time lets dig into the devoops system of hackthebox as the title describes. Bhanu Namikaze is an Ethical Hacker, Web Developer, Student and Mechanical Engineer. Find a local con, like a BSides event, and meet some new people. The basic idea behind log poisoning is to have the web server write PHP code on its access log and then use PHP include on the log to execute the code. Intigriti 2nd 2019 XSS Challenge Write-Up 6 minute read Spoiler alert: this is a write-up for the XSS challenge that you can find on Intigriti. But regardless of your stance, here is my method. My personal challenge, as an engineer is using art in technology in order to achieve awesome results. Happy Hacking! Today’s blog post will be on how to get started with pentesting… on a budget. So we have 2 port open ssh(22) and http(5000). See the complete profile on LinkedIn and discover Richard’s connections and jobs at similar companies. Exploiting SQLi in Complain Management System. To get crypto adopted in a country where only 11% of the population has a bank account will take years of painstaking drive. View Richard Brown’s profile on LinkedIn, the world's largest professional community. See the complete profile on LinkedIn and discover Ben’s connections and jobs at similar companies. It's mostly depend on your area of interest. The Polybius Square is quite easy to break, since it is just a substitution cipher in disguise. Each challenge is associated with a multitude of solutions, related resources allowing you to learn and to see the way followed by other users. Hack The Box Challenges Read more. It contains several challenges that are constantly updated. Let’s start and learn how to breach it. Will has 7 jobs listed on their profile. Challenge had been solved. Are you a beginner who wants to learn hacking but don’t know where to start? If so you are at the right place. Bhanu Namikaze is an Ethical Hacker, Web Developer, Student and Mechanical Engineer. red is the domain associated with this box, at least initially. Getting user was tiring but root was fun and it did give me some ideas on future blog posts. sinister geek 585 views. Focusing on ShellShock, I know I'm looking for executable scripts in the cgi-bin directory of the web server. Styles FAQ Revision 2018-10-22 - Part 1/1. lklick is at position 634 in the Hall of Fame. Note that, if a challenge has been retired but I have never attempted to complete it, it will not be included in this list. Here we notice the target has scheduled a tar archival program for every 1 minute and we know that cron job runs as root. Nikolaos has 2 jobs listed on their profile. You signed in with another tab or window. Now to keep true to the HackTheBox spirit, I must ask that you only read this WalkThrough after to compare notes. Corentin has 5 jobs listed on their profile. l do know someone who took Cracking the Perimeter, obtained their OSCE, challenged the GPEN exam and passed. Hackthebox: I know Mag1k is based on Oracle padding attack. [email protected] 38 Walton Road Folkestone, Kent CT19 5QS, United Kingdom. Log Management Tools (Graylog) As you probably know by now keeping track of logs and alerts is a crucial part of security. Though studying about this attack in my Masters, never got a chance. sinister geek 3,190 views. What Hackthebox did for me by only trying to get an invite code was tremendous. They also provide write-ups. Hack the Box Writeup - Sunday Read more. in chrome do “inspect” with the mouse on the password and you find a comment that gives you a hint. Normally you should know where to look but hurry up because I will delete them soon because of our security policies ! Derry The web application on port tcp/80 appears to be a very simple static page without much functionality. Hack The Box Write-up - Active. Challenge had been solved. Watch Queue Queue. Feel Free to let me know any of your concerns about hacking or let me know if you need any more methods on hacking anything. In order to gain access to the site, you have to "hack" yourself an invitation code. Challenge: Guess the password. See the complete profile on LinkedIn and discover Will’s. to refresh your session. "The goal of this challenge is to break into the machine via the web and find the secret hidden in a sensitive file. I'm new on this site and maybe I didn't understand how to report the flag discovered. First of all, we have to scan the server for ports. All versions up to the latest release 1. Alright, since we know that this is a web server… let’s run nikto to scan for any “possible” vulnerabilities or misconfigurations. eu,this challenge is hard a bit,okay!!! let's start now,connect to your target and you know the first thing that we always do is check source code,when i look into the source code i marked 2 places like a bellow. Original Poster 1 point · 1 year ago. I feel pretty prepared after owning all the easy and medium, and two of the hard boxes on HackTheBox, but I don't know what curve balls the folks at Of. The CTF are computer challenges focused on security, with which we will test our knowledge and learn new techniques. References §. Since most of the books and free resources on the Internet are only meant for those who already have a considerable amount of knowledge on the subject, they fail to teach hacking for beginners. A lengthy discussion will not be included here, but we will give a short example. list of best websites to learn ethical hacking 2019 get certified ethical hacker. Elie has 6 jobs listed on their profile. That means that anyone listening to packets between you and your DNS server could know what websites you are visiting, even if the website that you are browsing is secured with HTTPS. The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. Got the new cookie but seems I must be doing something wrong as the new one doesn't do anything. I dont know what the fuck to do, i dont know what the fuck is going on 2. Note that, if a challenge has been retired but I have never attempted to complete it, it will not be included in this list. So now! we are going to the third challenge of web challenge on hackthebox. If you know about HackTheBox you would be pretty familiar with how it works. I took this risk because of two main reasons – firstly, I wanted to face that challenge that everyone still talks about and secondly, a girl for whom I wanted to become successful enough that I can ask her hand. See the complete profile on LinkedIn and discover Harsh’s connections and jobs at similar companies. So, I thought to deviate from our regular topic and talk about it. Programming Productivity Without Breaking Things. I have been in Information Security in some definition for 6 years. 6 are vulnerable. Don't worry CTFs are completely legal even Google and Facebook like giant companies organized them. [WEB] Challenge: I know Mag1k • r/hackthebox • Posted by. You must learn the complete concepts of web in order to understand it deeper. We can go out and look at various people's values of n; for example, the one for Gmail's web site is. I have analysed the detection of insider attacks in Big Data systems. eu,this challenge is hard a bit,okay!!! let's start now,connect to your target and you know the first thing that we always do is check source code,when i look into the source code i marked 2 places like a bellow. Hasta la próxima ;). But still I wanted to do it. The best part is that it is free to the community! You need to pass the first challenge to obtain an invite code in order to play with their challenges. I have been in Information Security in some definition for 6 years. Hello Guys, it been a while since I have wrote a blog. You need a paid subscription ( £10/mo which is fair price) to access retired machines. See the complete profile on LinkedIn and discover Corentin’s connections and jobs at similar companies. Introduction to Dmitry:-So in this post i am going to tell you How to use Dmitry in Kali Linux to gather information from your target. I pre-gamed the OSCP quite a bit. Well without wasting any time lets dig into the devoops system of hackthebox as the title describes. Also, it does directory listings, so the reason we see the link to index. I do have a cookie, and I have decoded it. Hello guys,today i write this post to show you how i'm solve problem of Intermediate Level 6 in hackthis. me is one of those great resources every wannabe hacker should know. Let d be the determinant of K. Exploiting SQLi in Complain Management System. We are throwing it as an public challenge to all members. Experience is what will get your to that pay level Start with CEH or another multiple choice pentesting cert or just get Kali Linux and start with learning from books. sinister geek 585 views. Sure enough, I searched for "dante programming language" and Malbolge came up. htb when visiting 10. Public profile for user Mantop. Special note. Ethical Hacking : India needs 77,000 Ethical Hackers & we are creating only 15,000 per year You must be IT graduate & having some kind of networking knowledge &. GIDDY is a very interesting and tricky Challenge and its ratings seem good and also the level of difficulty is 7/8 out of 10.