Learning how to become an ethical hacker can be daunting at first. Every page tells you to know everything about everything or else you’ll be a script kiddie.

But that’s not true!

Follow this guide from top to bottom and you’ll find yourself in the infosec field sooner than you thought.

This is a long guide, so you might want to bookmark it, read on, apply the steps and come back later.

Why should you listen to me?

I’m an Information Security Professional who is pursuing MBA in (Information Security) from SYMBIOSIS CENTER OF INFORMATION TECHNOLOGY .

Over the years i have developed the skills of Vulnerability Assessment and Penetration Testing,Webapp Application Security,Network Security.

I’m not some faceless hacker telling you stuff. You can watch me introduce myself hehereon my youtube Channel :

CYBER WIZARD YOUTUBE CHANNEL

Become An Ethical Hacker

In order to become an ethical hacker, you’ll need to understand some things about everything and everything about something.

The key is to choose one topic you want to be very good at, and others you’ll just need to get the overall context.

So what do you need in order to become an ethical hacker?

Join The Community

Contrary to popular belief (ethical) hacking is a group activity. The first step you want to do, to become an ethical hacker is to join different communities.

Find a site, youtube channel or subreddit where people talk openly about exploiting hardware and software with the same enthusiasm as you. Then start reading, upvoting or whatever and someday make your own submissions to the community.

Learn To Google

Googling will turn out to be the most useful skill in your journey to become an ethical hacker. And this for two major reasons:

You’ll be on the edge of technology or scavenging through decades-old legacy stuff. You need to know how to gather and research for the things you don’t know.

If you encounter a problem chances are high, that another person already had that problem sometime in the past.

Learn about Security

You’ll need some basic knowledge about Security Concepts. The CompTIA Security+ course and exam offer good basic theories and concepts for beginners.

Do some hacking

What would a ethical hacker be, without hacking. Just ethical, I guess.

Do some applied hacking challenges online for free and legal. You can do this on sites like hacking-lab.com and other. You should know how to google by now, so use that skill to find hacking challenges online.

If you’re too afraid to try it, or too lazy for that matter, don’t worry.

I have a lot of content on my youtube channel, where I show how to solve such challenges. Here’s one for you to get started:

CTF WALKTHROUGH

These competitions usually are called CTF’s (Capture The Flag). The goal is to attack a vulnerable system and find a flag (password, file, anything) and disclose it.

Start by watching and reading a couple of Solutions to these challenges. But it’s important that you’ll start doing them one day.

Learn about systems

Learn about different OPERATING SYSTEMS and what makes them different (or equal). Then choose one OS you like and become a / superuser in it.

Some applicable steps to learn about systems:

Set up a service (like a webserver)

Start using virtual machines and install different OSes

Edit stuff in those virtual machines and see what happens

automate boring stuff using bash or another CLI

Try to fumble with configurations and look what happens

Read Documentations, Google Questions

Learn Some Coding

You don’t have to be a pro coder to become an ethical hacker, but you should be able to build a website or an app in order to destroy it later on.

The basic concept of many languages is the same. It’s the implementation that differs, sometimes even syntax.

There are a different couple of paradigm when it comes to Progamming like:

Functional

Object Oriented

Javascript (what the hell)

procedural

DataBases (SQL, Relational)

DataBases (NoSQL)

Choose 1-2 paradigms and learn them (via coding in different languages).

If you want to do some hardware/ reverse engineering C and assembly are your friends. They’re programming languages, but tend to be more “flexible” or prone to errors, since you have to do everything yourself.

I would start with C and then do some more coding with a higher-level language like C# or (ugh) Java.

You don’t have to be a perfect coder, you should be able to read between languages, fill the gaps with googling if necessary and most important: USE DEBUGGERS!

Learn How Networks work

Nothing goes anymore without some network things involved. Learn the basic concept of different protocols. Use your system knowledge to implement and configure Services.

Maybe do some socket programming in C or some web development, to understand how a basic network architecture works.

Focus on one particular subject you want to be good at (firewall config, socket coding, etc…) and become good at it.

Become an Ethical Hacker

If you’ve come this far, you should have a solid understanding on how computers, networks and programs work.

You’re able to fill missing gaps and learn new stuff fast using google. You should be able to write little scripts to automate tasks, know some basic concepts of networking and how a software works. You’ve even learned some things about hacking, on your road to here.

Now you need to learn about ethical hacking. This includes not only technical aspects but also things like:

How do I even start a Penetration Test

What tools are involved

What is ethical and what not?

These and more questions are going to be answered by my new series on YouTube

Have an Awesome time!!

Sawan Bhan(cyber wizard)