



Many of my aspiring hackers have written to me asking the same thing. "What skills do I need to be a good, professional hacker?"

As the hacker is among the most skilled information technology disciplines, it requires a wide knowledge of IT technologies and techniques. To truly be a great hacker, one must master many skills. Don't be discouraged if you don't have all the skills I list here, but rather use this list as a starting ground for what you need to study and master in the near future.

This is my overview list of required skills to enter the pantheon of this elite IT profession. I've broken the skills into three categories to help you go from one rung to the other more easily—fundamental, intermediate, and intangible skills.

The Fundamental Skills

These are the basics that every hacker should know before even trying to hack. Once you have a good grasp on everything in this section, you can move into the intermediary level.

1. Basic Computer Skills

It probably goes without saying that to become a hacker you need some basic computer skills. These skills go beyond the ability to create a Word document or cruise the Internet. You need to be able to use the command line in Windows, edit the registry, and set up your networking parameters.

Many of these basic skills can be acquired in a basic computer skills course like A+.

2. Networking Skills

You need to understand the basics of networking, such as the following.

DHCP

NAT

Subnetting

IPv4

IPv6

Public v Private IP

DNS

Routers and switches

VLANs

OSI model

MAC addressing

ARP

As we are often exploiting these technologies, the better you understand how they work, the more successful you will be.

3. Linux Skills

It is extremely critical to develop Linux skills to become a hacker. Nearly all the tools we use as a hacker are developed for Linux and Linux gives us capabilities that we don't have using Windows.

If you need to improve your Linux skills, or you're just getting started with Linux, check out my new Linux series for beginners below.

4. Wireshark or Tcpdump

Wireshark is the most widely used sniffer/protocol analyzer, while tcpdump is a command line sniffer/protocol analyzer. Both can be extraordinarily useful in analyzing TCP/IP traffic and attacks.

5. Virtualization

You need to become proficient in using one of the virtualization software packages such as VirtualBox or VMWare Workstation. Ideally, you need a safe environment to practice your hacks before you take them out in real world. A virtual environment provides you a safe environment to test and refine your hacks before going live with them.

6. Security Concepts & Technologies

A good hacker understands security concepts and technologies. The only way to overcome the roadblocks established by the security admins is to be familiar with them. The hacker must understand such things as PKI (public key infrastructure), SSL (secure sockets layer), IDS (intrusion detection system), firewalls, etc.

The beginner hacker can acquire many of these skills in a basic security course such as Security+ or through my upcoming series on Information security concepts

7. Wireless Technologies

In order to be able to hack wireless, you must first understand how it works. Things like the encryption algorithms (WEP, WPA, WPA2), the four-way handshake, and WPS. In addition, understanding such as things as the protocol for connection and authentication and the legal constraints on wireless technologies.

To get started, check out my tutorial below on wireless hacking strategies , then read my collection of Wi-Fi hacking guides for further information on each kind of encryption algorithms and for examples of how each hack works.

The Intermediate Skills

This is where things get interesting, and where you really start to get a feel for your capabilities as a hacker. Knowing all of these will allow you to advance to more intuitive hacks where you are calling all the shots—not some other hacker.

8. Scripting

Without scripting skills, the hacker will be relegated to using other hackers' tools. This limits your effectiveness. Every day a new tool is in existence loses effectiveness as security admins come up with defenses.

To develop your own unique tools, you will need to become proficient at least in one of the scripting languages including the BASH shell. These should include one of Perl, Python, or Ruby. I will be offering tutorials on all them shortly.

​

9. Database Skills

If you want to be able to proficiently hack databases, you will need to understand databases and how they work. This includes the SQL language. I would also recommend the mastery of one of the major DBMS's such SQL Server, Oracle, or MySQL. I will have a series of tutorials exclusively in SQL Injection (SQLi) soon.

10. Web Applications

Web applications are probably the most fertile ground for hackers in recent years. The more you understand about how web applications work and the databases behind them, the more successful you will be. In addition, you will likely need to build your own website for phishing and other nefarious purposes.

11. Forensics

To become good hacker, you must not be caught! You can't become a pro hacker sitting in a prison cell for 5 years. The more you know about digital forensics, the better you can become at avoiding and evading detection. I will be starting and continuing my extensive digital forensics series here in the next month.

​

12. Advanced TCP/IP

The beginner hacker must understand TCP/IP basics, but to rise to the intermediate level, you must understand in intimate details the TCP/IP protocol stack and fields. These include how each of the fields (flags, window, df, tos, seq, ack, etc.) in both the TCP and IP packet can be manipulated and used against the victim system to enable MitM attacks, among other things.

13. Cryptography

Although one doesn't need to be a cryptographer to be a good hacker, the more you understand the strengths and weaknesses of each cryptographic algorithm, the better the chances of defeating it. In addition, cryptography can used by the hacker to hide their activities and evade detection.

14. Reverse Engineering

Reverse engineering enables you to open a piece of malware and re-build it with additional features and capabilities. Just like in software engineering, no one builds a new application from scratch. Nearly every new exploit or malware uses components from other existing malware.

In addition, reverse engineering enables the hacker to take an existing exploit and change its signature so that it can fly past IDS and AV detection.

The Intangible Skills

Along with all these computer skills, the successful hacker must have some intangible skills. These include the following.

15. Think Creatively

There is ALWAYS a way to hack a system and many ways to accomplish it. A good hacker can think creatively of multiple approaches to the same hack.

16. Problem-Solving Skills

A hacker is always coming up against seemingly unsolvable problems. This requires that the hacker be accustomed to thinking analytically and solving problems. This often demands that the hacker diagnose accurately what is wrong and then break the problem down into separate components. This is one of those abilities that comes with many hours of practice.

17. Persistence

A hacker must be persistent. If you fail at first, try again. If that fails, come up with a new approach and try again. It is only with a persistence that you will be able to hack the most secured systems.

I hope this gives you some guidelines as to what one needs to study and master to ascend to the intermediate level of hacking. In a future article, I'll discuss what you need to master to ascend into the advanced or master hacker level, so keep coming back, my novice hackers!



