Recently, I posted a 36-part Twitter thread (
https://twitter.com/thecybermentor/status/1343471814132031488) on how to become an
ethical hacker in 2021. Given that it was well received, I thought it might be better to put all
of that information into a more digestible page. So, without further ado, let’s chat about
important to build a strong foundation in IT prior to jumping right into the awesome hacky
stuff. Think about your hacking career as if it were a house. If you build a house upon a
weak foundation, there’s a good chance it will crumble. The same goes for your hacking
career. If you skip over the foundational skills, you’ll likely find yourself lost and
overwhelmed, which may discourage you from heading down the hacker path altogether.
Second, ethical hacking is a “sexy” field. You literally get paid to break into networks,
applications, buildings, and lots more. That’s damn sexy indeed. On top of this, it pays very
well. Why does it pay well? Well, because not everyone is cut out to do this type of work.
It’s basic economics at the end of the day: low percentage of capable workers coupled with a
high demand leads to high salaries.
So why am I going on about this? Mainly because I see a lot of people try to break into the
field because hacking sounds cool or pays well. I see a lot of people chasing the money.
You should not be choosing this field solely because it pays well. Hacking is a lot of work.
Not only is it challenging to break into the field, but you also have to stay on top of your
game as new exploits and defenses come out. You are expected to be a life-long learner and
if you’re at all complacent, you’ll be left behind by your peers.
Ensure that you’re interested in being a hacker because it excites you. The money is just a
perk. You cannot be complacent. You can never stop learning. You have to constantly work
hard to stay on top of your game. For this, you’ll get paid incredibly well and have a ton of
fun.
The Foundations
With my rant out of the way, let’s chat about the foundational skills that I feel are necessary
to mold a good hacker. With each of the skills, I will link resources/courses to help improve
your skillset. Some of the links will be related to certifications. You do not have to take the
certification unless you want to (though, it could help with landing a job). If you’re short on
cash, just focus on the trainings themselves.
1) Basic IT skills. By this, I mean your standard break/fix help desk skillset. Can you build a
computer and identify its parts? Can you troubleshoot and fix issues? In my mind, this
would be equivalent to the CompTIA A+ certification. If you’re brand new to IT and starting
here, I strongly recommend picking one of the following resources:
PAID – https://www.cbtnuggets.com/certification-playlist/comptia-a-plus
3) Linux skills. We use a lot of Linux in ethical hacking. Primarily, we use a Debian-based
distribution. This is often either Kali Linux or Parrot. Some hackers choose to use their own
builds and distributions, but Kali and Parrot dominate the majority. Fortunately, there are a
multitude of free resources out there for individuals interested in learning Linux.
My personal recommendation is to treat Linux like learning a foreign language. You can
learn from an instructor and sure, you’ll pick stuff up. However, if you immerse yourself in
the environment (e.g. living in a foreign country or in our case, using Linux as a primary
operating system), you’ll pick things up a lot easier. Try installing Linux and using it for a
week without using any other operating system. You’ll be surprised how fast you learn!
With that being said, here are two fantastic free websites for learning Linux:
https://linuxjourney.com/
https://overthewire.org/wargames/bandit/
You can also use YouTube, Udemy, or other learning platforms to build this foundation.
For coding, I recommend starting with Python. Python is incredibly beginner friendly and is
fairly easy to pick up. Here are some of my favorite resources:
(Note: Make sure you learn Python 3 and NOT Python 2 as it is quickly becoming
deprecated)
BOOK – Amazon –
https://www.amazon.com/Learn-Python-Hard-Way-Introduction/dp/0134692888
Okay, we’re through the foundations and ready to start hacking. Where to start? Self-plug,
but I strongly recommend my Practical Ethical Hacking course (
https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course)
Note: The first 10 hours of this course are free to watch without signing up. Just click
preview under the Course Curriculum section.
The Practical Ethical Hacking course is designed to teach you the foundational skills
described above (it has sections on Linux, Python, and Networking) and build you up into
actual hacking. Beyond the basics, it covers buffer overflows/exploit development, web
application hacking, and Active Directory hacking. You can also find a shorter (and
somewhat dated) version of the course free here:
https://www.youtube.com/watch?v=WnN6dbos5u8&ab_channel=TheCyberMentor
Beyond this, I think it’s great to start practicing hacking with intentionally vulnerable
machines. That is: machines that are designed to be hacked. A lot of these machines are
not “practical” and follow more of a “Capture the Flag (CTF)” style. However, they are great
at teaching the fundamentals, tools, and mental persistence needed to be successful as a
hacker. My three favorite sites for this are (in order):
https://tryhackme.com
https://hackthebox.com
https://vulnhub.com
I highly suggest starting with TryHackMe first, especially as a beginner. The platform has a
lot of free machines that you can practice on and really helps hold your hand/describe what
actions you’re taking and why. If you have $10 to spare, the monthly subscription is worth
it. The other two sites are great, but are more challenging for beginners and should be done
once you have some experience under your belt, in my opinion.
Additionally, if you like the CTF-type hacking, you might also be interested in participating in
CTF events. If so, you should check https://ctftime.org for the latest upcoming CTFs and
participate in them/read the writeups to improve your game.
Once you are feeling comfortable with the basics, there are several additional areas of
hacking that you should familiarize yourself with, especially if you want to be a pentester.
Those areas are:
1) Active Directory. Active Directory hacking is, in my opinion, one of the most overlooked
categories by people looking to break into the field. Given that >95% or so of Fortune 1000
companies utilize Active Directory in their business environments, it’s an incredibly
significant skillset to learn. Active Directory hacking comes up a ton in interviews and I find
that a lot of people I’ve interviewed in the past that had shiny certifications, but no work
experience, really struggled with the topic.
For Active Directory, beyond my course above, there are some pretty fantastic resources.
Start with this blog, as it’s still relevant in 2021:
https://medium.com/@adam.toscher/top-5-ways-i-gained-access-to-your-corporate-wireless-network-lo0tbo0ty-karma-edition-f72e7995aef2
Then look into these courses. Both are paid, but worth it:
https://www.pentesteracademy.com/redlabs
https://www.zeropointsecurity.co.uk/red-team-ops
On top of this, here are people (and blogs) you should follow if you’re interested in Active
Directory hacking:
@PyroTek3 – https://adsecurity.org/
@_dirkjan – https://dirkjanm.io/
@Haus3c – https://hausec.com/
2) Web Application Hacking. Any sort of application hacking is in high demand right now.
When you see all those fancy bug bounty posts, it’s more than likely a bug that was found on
a web or mobile application. There are jobs out there just for web app hackers. If you want
to be a pentester, you have to learn this to step up your game. Here are some great, mostly
free, resources:
https://hacker101.com
https://portswigger.net/web-security
https://www.bugcrowd.com/hackers/bugcrowd-university/
https://pentesterlab.com
(Self-plug: I’ve got a free course on YouTube for hacking web apps:
https://www.youtube.com/watch?v=24fHLWXGS-M)
It is also helpful, when learning web apps, to familiarize yourself with OWASP (
https://owasp.org), the OWASP Top 10 (https://owasp.org/www-project-top-ten/), and the
OWASP Testing Guide (https://owasp.org/www-project-web-security-testing-guide/)
Beyond these resources, reading bug bounty write-ups is always interesting and helps
understand the various exploits you might see in web applications. You can dig these up via
blogs and Google. Additionally, most of the bounty websites have them, such as:
https://hackerone.com/hacktivity
3) Wireless Hacking. You can learn to hack wireless networks pretty quick. In fact, a lot of
the hackers I know started out tinkering with wireless hacking before jumping into other
areas of ethical hacking. You can easily pick up the skillset needed to hack WPA2 Personal
by having the right equipment and reading a short blog post, such as:
https://www.aircrack-ng.org/doku.php?id=cracking_wpa
WPA2 Enterprise is a little trickier, but hey, there are blogs for that too:
https://cyberpunk.xyz/targeted-wpa2-enterprise-evil-twin-attacks-eaphammer
4) Certifications. The next thing to discuss is certifications. In my opinion, unless you
need the Certified Ethical Hacker (CEH) or the CompTIA Pentest+ for job purposes (see: DoD
8570), then avoid them. They are not worth the time or effort.
As of this posting, the best return on investment hacking certification (and a bit of a
glorified gatekeeper bypass-er) is the OSCP: https://www.offensive-security.com/pwk-oscp/
There are other valuable hacking certifications, from organizations such as SANS and
INE/eLearnSecurity, but they are more expensive and the return on investment is arguably
less.
Regardless of the certification you choose (and you should pick at least one, in my opinion,
to be competitive in the current job market), you’ll likely need to have skills in basic exploit
development (see: buffer overflows), basic hacking, and privilege escalation.
5) Exploit Development. Since we’ve covered basic hacking already, let’s talk about exploit
development and buffer overflows. For a lot of the practical exams (OSCP, eCPPT, etc), you
will be asked to perform a basic stack-based buffer overflow. This may sound daunting, but
it’s not all that bad.
If you can complete the buffer overflow from these tutorials, you can knock out the exam
overflows with little issue.
If you find yourself intrigued by exploit development and wanting to learn more, there are
two great YouTube channels I can recommend:
LiveOverflow – https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
GynvaelColdwind – https://www.youtube.com/user/GynvaelColdwind
6) Privilege Escalation. This is a topic many new hackers struggle with. You land on a
machine, but you’re not the admin/root user. How can you elevate your privileges? You’ll be
tested on this in practically any relevant exam, so it’s a topic you should know.
As does TibSec:
Plus, there are a million guides out there for PrivEsc. I will leave you to your Googling skills
to find these, but here is just one example of a great guide:
https://book.hacktricks.xyz/linux-unix/privilege-escalation
Content Creators
This article would be incomplete if I did not include some of my favorite content creators.
I’m including both smaller and larger channels, in no particular order. Additionally, I
apologize in advance if I miss someone!
General Hacking:
DC CyberSec – https://www.youtube.com/channel/UC3sccPO4v8YqCTn8sezZGTw
HackerSploit – https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
NullByte – https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
sup3rhero1 – https://www.twitch.tv/sup3rhero1
Ash_F0x – https://www.twitch.tv/ash_f0x
NahamSec – https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw
STÖK – https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
InsiderPhD – https://www.youtube.com/user/RapidBug
The XSS Rat – https://www.youtube.com/channel/UCjBhClJ59W4hfUly51i11hg
Codingo – https://www.youtube.com/channel/UCUfO02gdMDXgOJWdv_jiLMg
PwnFunction – https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A
Farah Hawa – https://www.youtube.com/channel/UCq9IyPMXiwD8yBFHkxmN8zg
Communities
Lastly, I believe communities are an important aspect to becoming a good hacker. They give
you the ability to ask questions, help others, and network with people in the field or looking
to get into the field. Do not underestimate the importance of networking with others and do
not underestimate how a strong community can enhance your learning. Here are a few of
my favorites:
Conclusion
I really hope you found this article useful. While it is by no means all-inclusive, a lot of the
links I provided helped to guide me to where I am today. Every path is different and I
encourage you to research outside resources as well. Regardless, you now have enough
material in front of you to keep you busy for all of 2021. Happy hacking!