Hacking involves skills used to compromise digital devices such as computers, smartphones, tablets, and even entire networks. Hacking has two sides to it ie Ethical hacking and Unethical hacking, today we will understand everything to start learning Ethical Hacking.
What is Ethical Hacking?
Ethical hacking is a skill set that requires a solid foundation in writing software, designing networks, navigating operating systems, and interpreting network protocols. It can be developed as a mere hobby to pull off pranks on your friends or on a serious note to stop hackers from hacking systems.
Ethical hacking involves individuals understanding the common tools used and a network of like-minded peers. Ethical hackers are the good guys, they try to find the flaws in the network, implement secure networks, and in general set up a network environment that is strong and impenetrable under any cyber attack.
The learning path for Ethical hacking involves basic study and self-study. We will discuss both in great detail. Know how white hat hackers become millionaires.
Learn the Basic Skill Set for Ethical Hacking
Capture the Flag is a self-paced learning option. It offers exciting downloadable vulnerable environments or competitive online events where you need to tackle the vulnerable systems either by attacking or defending. Some of these may prove to be frustrating, though in general are a good learning platform for beginners and helps you build confidence especially while you are trying to expand your skills. You are not exposed to the real hacking world as the environments are securely built.
Plaid CTF: A starter CTF you can get started with right now.
CCDC: A platform that offers opportunities to college students to get exposed to an enterprise network from skilled attackers. The two-day workshop gives them the opportunity to hack networks and understand what they can do better. Those who clear the tasks may end up getting competitive job offers.
CSAW: You only get to attempt the qualifiers online, a platform worth investing your time for tackling a diverse set of challenges.
Insomni’hack: This conference takes place in Geneva, Switzerland and the crypto-currencies can’t be trusted.
InCTF International: an online jeopardy format style CTF and the event focuses on the basic CTF category ie Crypto, Web, Reversing, Pwn, Forensics.
GoogleCTF: One of the world’s best hacking competitions, Google CTF consists of two events, 10 teams are invited to the final and compete onsite for a prize pool of more than USD $31,337.
DEF CON: It is one of the biggest and oldest hackers summits. It offers a 2M$ grand prize money and also offers a Black Badge to the contest winners.
Hack.Lu CTF: Offers a combination of fun and challenge. You get your hands on the old CTF’s that are available online.
OCTF/TCTF: One of the toughest CTF contests hosted by the Shanghai Jiao Tong University. The format of the game is Jeopardy-style and open for every team in the world.
ASIS CTF: It is an online jeopardy format CTF organized by asis team, an academic team from Iran. It involves a set of challenging categories like Crypto, Web, Reverse Engineering, Pwn, and Forensics. It has no restriction on the number of team members.
Books offer you hands-on examples and lab scenarios that make learning easy. There are a number of books available, but we have mentioned a few we have been following up on during the course of our studies. If you are on a budget you can check out a local library or subscribe to an ebook service.
- Hacking for Dummies
- CEHv10 Study Guide by SYBEX
- Hacking, The Art of Exploitation
- Metasploit: The Penetration Tester’s Guide
- Rootkits: Subverting the Windows Kernel
- Reversing: Secrets of Reverse Engineering
- Practical Malware Analysis
- Gray Hat Python
- Bulletproof SSL and TLS
Keeping your Knowledge base updated
Blogs and news feeds
You can follow a number of blogs online to keep your knowledge updated. We have mentioned some of the blogs you may like to follow.
Krebs on Security: The Krebs on Security blog offers content related to data breaches and other real-world attacks.
Schneier on Security: Security news blog, focuses on cryptographic expert’s diverse feed of security-related news. The comments section is worth reading as it reveals some good discussions.
Electronic Frontier Foundation: The blog keeps an eye on the legal and ethical implications of electronic privacy and cybersecurity law.
Cisco Talos: Superb technical analysis of vulnerabilities and malware that the Talos team discovers in the wild.
Hacker News: The security-related blog offers technical news, tools, and blogs.
YouTube offers a number of worthy channels that you can benefit from. We mentioned a few for you to jump on.
Apart from all this, you can also choose to opt for online courses available for Ethical hacking. The courses are as mentioned below.
These are some of the courses offered by Udemy
- Learn Ethical Hacking From Scratch
- The Complete Ethical Hacking Course: Beginner to Advanced!
- Hacking in Practice: Certified Ethical Hacking MEGA Course
- Ethical Hacking with Hardware Gadgets
- CompTIA Pentest+ (Ethical Hacking) Course & Practice Exam