September 7, 2021
So You Want To Be An Ethical Hacker?
September 7, 2021
This is one of the most common questions asked by beginners who are starting out in ethical hacking or switching careers due to boredom or lack of interest in their work. It is a tough question. So first things first,__ anyone can learn ethical hacking at any time__, as long as you have the willingness to learn and have excellent problem-solving abilities. Absolutely anyone can learn ethical hacking without prior knowledge in coding or professional developer experience. It is a good idea to learn how things are made before breaking them so one can understand the applications in-depth and work more efficiently. Furthermore, the answer to this question largely depends on the specialization they want to study and the skills they already have.
What does ethical hacking consist of?
Ethical hacking is a very broad field. It’s an umbrella term for different types of hacking - wireless networks, network infrastructure, web application, cloud, IoT, binary exploitation, and a plethora of systems.
What are some prerequisites to learn ethical hacking
Technically there are a lot of areas one needs to be familiar with to be an ethical hacker, but these are a few to be considered:
- Ability to think outside the box
- Knowledge about software components they are trying to break
- Knowledge of Linux
- Knowledge of the Unix terminal or command line
- Knowing how to build something one is trying to break
- Knowing computer networking
Let’s delve deeper into some of the points mentioned above to understand what each of these means. Out of these, the most important are:
Thinking out of the box
Ethical hackers often need to think out of the box to hack on something.
For example, there may be a very hardened application where no vulnerabilities could be found or a network assessment where no component is found vulnerable - hence, they constantly need to find new ways to hack something.
This may not be a straightforward skill but rather a mindset. The out of box thinking mindset is an essential part of being an ethical hacker.
Knowing about software components they are trying to break
It is required to know about the software components and vulnerabilities in the software an ethical hacker is hacking on.
For example, suppose one is hacking on an AEM (Adobe Experience Manager) application, a widely used CMS. In that case, they need to know about various components in AEM software, such as the AEM QueryBuilder.
It requires specialization in that particular software, as modern software is often very complex. There is often a clear lack of expertise about the software component among beginners, which affects their performance.
Knowledge of Linux and hacking distros
Most Linux distros for ethical hackers are based on Linux, so knowledge about Linux and Linux environments is important. One needs to know how to install and use Linux in a VM at a bare minimum. Knowledge of the components of Linux is a plus. One can learn this themselves, but it is easy to feel overwhelmed when learning alone. A structured beginner-oriented course like Linux fundamentals should be a great place to start. Knowledge of Linux fundamentals is a must.
For example, after getting familiar with Linux, one can install Kali Linux and learn how to use it, which is the most popular Linux distribution for hacking.
Knowing how to use command-line tools
Beginners often find it daunting to use the command line, but in reality, it is much easier than they think. Knowledge of Unix and Powershell is needed at least. Most ethical hacking tools such as those installed over ethical hacking Linux Distros like Kali Linux and Parrot OS are command-line tools and don’t have a GUI. To use the command line tools, they would need to know how to pass command-line flags and arguments to pass input into the tools. Hence, knowledge of the components of the command line is essential. Learn Command Line for Windows and Linux course could be useful for anyone learning how to use the command line.
For example, SQLMap is a command-line tool, which is useful for exploiting SQL injection vulnerabilities. One needs to be familiar with how to use it over the command line.
These are a few skills one can begin with or already have to get a better understanding of what they are about to deal with on a regular basis as an ethical hacker. Ethical hackers are expected to possess a wide range of expertise in specific areas they will be dealing in, and these are just the basics.
Mastering Ethical Hacking
Learning curves are different for different people. Mastering anything takes time and patience, so at the same time, one needs to ask themselves if they have the passion for pursuing it, as it is important to be passionate about hacking to hack in the first place. So the answer to the question - “Can anyone learn ethical hacking?” is a bit difficult to answer. It is a matter of one’s passion and willingness to take the challenges that will come in their path.
The learning curve largely varies for different individuals - it may be easier for people with technical knowledge of the IT industry like sysadmins, with basic knowledge of networking and web applications, to get into doing security assessments of networks. Still, at the same time, it might be difficult for them to start reversing applications and do binary exploitation or work on low-level security vulnerabilities.
Developers with low-level experience may find it relatively easier to carry out low-level security research. Hence, having the right skills matter, and having a particular skill already would be a plus.
Suppose anyone wants to learn ethical hacking and has a good grasp of the skills mentioned in this article. In that case, online there are courses dedicated to ethical hacking for enhancing and learning new skills. Sign up to keep abreast with the what's new. Online courses, such as those offered by Cybrary, can be a good way to consume the content and stay in the discipline while learning ethical hacking.
Don’t be afraid of challenges and keep hacking. All the best!