I have been using BackTrack/Kali on and off since BTR3, I think it was. I originally used it only to crack WEPs. I looked into WPA2 and determined that, because most people now use complex passwords, it just wasn't worth pursuing a dictionary attack.
By the time I discovered Reaver, it seemed that most of the routers around me were patched. Although I understand it in theory, I have never been able to use it successfully. I had fun playing around with MITM attacks and using the MITMf framework. I found that although combining BeEF and MITMf works well against outdated browsers, it is rendered useless against Chrome or advanced browsers. Do we have any attacks that work well against Chrome?
Last year I developed an interest in the exploitation side of things, so I learned nmap, hping3, Metasploit, AV evasion, and the basics of netcat, OpenVAS, and THC-Hydra. I found that OpenVAS rarely gave me any useful info. Do you guys have different results? I also couldn't really get THC-Hydra to work on my router, even after following the various guides here.
Recently I decided to learn Linux and got through the 25-part series here on Null Byte.
Looking back, I am curious to hear what you guys think is the optimal hacker's progression. What do you think I should learn more about? Obviously there is still tons more out there for me.
Despite viewing almost all of the recon tutorials on this site, I feel that I know how to do recon on a server, but not so much on a personal computer. Metasploit is great and full of exploits, but without knowing which will work on a computer, they don't do much good. I have tried using nmap to query the service and version, but it frequently doesn't retrieve any info. I have avoided Maltego and some of the others because they offer a limited number of scans or cost money.
Thanks for any help/suggestions!
P.S. I have briefly touched on database work (SQL injection) and from my research determined that most sites are now patched. The cost-benefit analysis of learning that skill makes me think it isn't worth learning.