Ethical hacking is the perfect career choice for those interested in problem solving, communication and IT security. Here’s what it takes to become a white hat hacker.
An essential guide to becoming an ethical hacker
I receive lots of mails asking for guidance on how to become an ethical hacker. Most requests are on how to become a black hat hacker which are usually ignored. Let’s take a look at the definition of an ethical hacker.
An ethical hacker is a person who hacks into a computer network in order to test or evaluate its security, rather than with malicious or criminal intent.
So, if you wish to become an ethical hacker, there aren’t any easy methods to become one. It is easy to script a kiddie and load up Armitage or Fast-track and fire every exploit known to man at a target. But there is no use at firing Linux exploits at a Windows box.
Prerequisite Knowledge Required
In order to enter into the IT security field as a white hat, you should be well versed in the following areas
- Operating systems (Linux and Windows)
If you are sure that you have good knowledge in the above said areas, then you can start learning about hacking. When you have knowledge about the fundamentals of IT, you can learn how to break some of the underlying vulnerabilities within computer architecture.
The below mentioned activities can help you in this
It’s important never to engage in “black hat” hacking–that is, intruding or attacking anyone’s network without their full permission. Engaging in illegal activities, even if it doesn’t lead to a conviction, will likely kill your ethical hacking career. Many of the available jobs are with government-related organizations and require security clearances and polygraph testing
What areas to concentrate on in order to build a foundation
Networking – Cisco courses are really good. There are many CCNA courses available.
Programming – Learn languages like C++, Python/Ruby and PHP.
Databases – Work with MySQL and MSSQL and make your own database to know how it works.
Operating systems – Most types of Linux are the similar to one another, I use Debian on a lot of servers and Kali. Additionally, it is worth understanding the more obscure areas of Windows such as the registry.
Almost all the best operating systems for hacking is based on Linux kernel, so favorite operating systems of hackers are always Linux. UNIX/LINUX is an open source operating system which provides better security to computer systems. It was first developed by AT&T in Bell labs and contributed a lot in the world of security. You should install LINUX freely available open source versions on your desktops as without learning UNIX/LINUX, it is not possible to become a hacker.
Parrot Security OS
Linux distro for hacking purposes
- Kali Linux
- Parrot Security OS
- BlackArch Linux
- Fedora Security Spin
- Read books about hacking
To become a successful hacker you need to master the art of cryptography. Encryption and Decryption are important skills in hacking. Encryption is widely done in several aspects of information system security in authentication, confidentiality and integrity of data. Information on a network is in encrypted form such as passwords. While hacking a system, these encrypted codes needs to be broken, which is called decryption.
Some of the books worth reading are
- The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
- Hacking: The Art of Exploitation, 2nd Edition
- The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
- Metasploit: The Penetration Tester’s Guide
- CEH Certified Ethical Hacker All-in-One Exam Guide
- Google Hacking for Penetration Testers
Undertake FREE Ethical hacking courses
It is good if you take some free ethical hacking courses even though it won’t give you any industry recognized qualification. But they are sure to teach you a lot about the various areas of ethical hacking that will make way to recognized qualifications.
You can register for a free Cibrary account to do a free ethical hacking course at Cibrary
Know about Latest Hardware Tools
A skilled hacker always keeps a wide variety of tools so he can complete any task. Here you will find all the hardware tools you will need to get the job done.
Undertake recognized online courses
All these courses are paid ones and industry recognized which will help you to find a job in the IT security sector.
- CEH – (Certified Ethical Hacker)
- CHFI – (Computer Hacking and Forensic investigator)
- OSCP – (Offensive Security Certified Professional)
- CISM – (Certified Information Security Manager)
- CISSP – (Certified Information Systems Security Professional)
- CompTIA Security+
Communicate and follow other fellow IT security enthusiasts through the following mediums
- Facebook (The Hacking News, & Other Hacking, Security Pages )
Self-learn by watching online tutorials
Attend Local and International Hacking Conference
Like other IT areas, hacking has conventions and conferences dedicated to it, such as DefCon, one of the oldest and largest of these. Such gatherings can be a great place to meet and network with peers and employers, and to discover more about hacking. DefCon also has affiliated local groups in select areas.
Download practice environments to practice and refine newly learned skills
- DVWA (Dam Vulnerable Web Application)
- Samurai WTF
- Linux Security Distro Tools
What does a hacker earn?
Hackers can command a high salary for the work they do. The median yearly pay for information security analysts, which includes ethical hackers and penetration testers, was $86,170 in 2012. The top ten percent of earners in this field made more than $135,600 that year and the lowest ten percent made less than $49,960.
What are the job prospects?
The amount of money spent worldwide for IT security can be measured in the tens of billions of dollars, and has increased significantly over the past few years. The Bureau of Labor Statistics projects that employment of information security analysts in the United States will grow by 37 percent between 2012 and 2020, much faster than the average growth for all occupations.
What are the long term career prospects for hackers?
With experience, ethical hackers can advance into senior positions in their company, land more lucrative jobs with other companies, or start their own consulting services.
How can I find a job as a hacker?
Hackers can find work with many different kinds of organizations, including the government. Working for the government with groups like the Departments of Defense or Homeland Security typically requires earning a security clearance, which involves passing an extensive background check.
Making contacts within the hacker community can help you find job opportunities. Hackers are heavily recruited by all types of organizations looking to secure their IT systems, and participating in events like hacking conferences and conventions can put you in contact with colleagues and recruiters.
IT Security Professional – Security Researcher & Consultant for the Government, Enthusiast, Malware Analyst, Penetration Tester.