How to Become an Ethical Hacker

Becoming an ethical hacker demands showing an inquiring mind, creative thinking and persistence while working hard to constantly improve your technical knowledge. Even though the testimonials of several hackers prompt us to believe there is no "right way" to become one, they have some experiences in common which serve as examples of a good way to proceed. We share this with you here, along with a couple more facts, so you start out with greater confidence into the awesome world of hacking.

The above description is true of the good guys as well as the bad guys. Like we said in a previous post about ethics in hacking, we can tell the difference between ethical hackers and malicious hackers based on the effects of their practice. The former's actions are honestly meant to benefit the organizations or persons under study. To put it very briefly, ethical hackers do their best not to harm technology or people, not to profit unfairly from a hack, to inform system owners of the identified security issues, to be polite, and to avoid greedy risks.

Those ethics are followed globally by experts who work at cybersecurity companies. Fluid Attacks is not the exception, and it's thanks to those excellent, highly qualified individuals that we can offer our Ethical Hacking solution.

Apart from the widespread use of the words ethical and malicious, there are other terms to refer to hackers. For instance, some spheres of society, including the information security community, also have known ethical hackers as white hats and malicious hackers as black hats. These terms were taken to reflect the same symbolism in old Western films, where heroes and villains wear white and black cowboy hats respectively. Further, there are those in between known as gray hats. These individuals often start and keep probing systems without the systems' owners' permission to find vulnerabilities and later ask the owners for monetary compensation in exchange of the information gained. But here we are solely interested in motivating the growth of the white hat hacker community. Ethical hackers, as you may have guessed, do get the permission of the systems' owners with the goal of helping to make those systems harder to hack.

More formally, apart from the job title ethical hacker, you may work as one under other titles, like penetration tester, security analyst, information security analyst, and security consultant. You may also be opening some opportunities to get a job as a red teamer. Red teaming as a concept places a greater emphasis in assessing security with only some members of the target organization knowing about the ethical nature of the attack simulations. The tips below apply also if you want to train for this role; notably, you'd wanna get involved in red teaming exercises to know what they are about. So let's get started with the tips.

In our series of blog posts based on the book Tribe of Hackers Red Team by Carey and Jin, we presented the opinions of selected hackers on several topics, including how to get started in offensive security. Here, we give a summary of the ideas they've left us, conveniently organized into valued non-technical and technical skills.

As we noted in the first lines of this post, being an inquiring person and showing creativity and persistence are traits that many hackers share. This is probably the right career for you if your curiosity is such that it motivates you to study to learn how systems work and continuously improve your skills. Moreover, you'll need to be able to successfully cope with ignorance, accepting it and making efforts to reduce it.

To fit in this career, it is also helpful to be good at teamwork. Some instances where this is proved important is that whenever you're working along with peers, you have to be transparent and be able to share with them what you have done and documented. Besides, you have to be able to admit when you're wrong and others are right. And you may have to seek help from them sometimes, so you'll have to be comfortable with asking for it and trying to assist others in turn.

Further, when dealing with clients, empathy goes a long way. Since you're probably gonna have to break bad news to people very often, make sure you learn a way of doing this that doesn't come off as rude or unsympathetic. In the end, what you're trying to do is to help others, not bring them down. And now that we mention helping, you have to train your ability to understand who your audience is and then how risks, mitigation and supporting information should be conveyed to be understood by that audience.

Following this line, which is about communication, another tip is to engage in networking, both in person and online. This can help you get job opportunities. It's a matter of interacting at information security events (e.g., conferences and meetups) —we mention some of those below—, as well as in online groups and competitions, where you can get recognition for your skills.

From the technical side, a good goal to aim at would be to be able to build, secure and hack the systems you expect to be in charge of. This is something that Carey in his book suggests everyone in information technology and software engineering should achieve.

Now, going about achieving that goal you don't necessarily need to earn a college degree. If you do opt to get one, it's advisable to choose coursework that is strong in computer science and information technology. Either way, you may want to have a solid base in programming logic and study, as the hacker known as Tinker Secor recommends, "systems, networks, virtual environments and cloud, thick applications, web applications, mobile applications, scripting, physical environments, social exchanges, basic attacks, [and] basic defenses."

Currently, you don't have to do anything illegal to learn to hack. In fact, you can have a pristine record throughout your whole training and career. The materials to learn all aspects of hacking are publicly available. Modern hackers can just learn by hacking in a controlled environment, targeting their own systems or systems built explicitly for this purpose, which could be, for example, virtual machines or web applications with vulnerabilities.

Reading the opinions of the hackers we selected in our series, though, it seems that it's a good idea to leave attacks for last. Basically, before moving on to attacking systems, it's probably best to be a pro at defending them. Some job experience could be helpful prior to having a hacker role, and it is advised to start by gaining some cybersecurity skills in software engineer or systems administrator roles, or the like.

With this strong background, you can increase your involvement in cybersecurity events. Those are some of the places where you'll gain some more knowledge and also mingle with very smart people. We have posted our top 10 ranking of hacking events, so be sure to give it a look. Our top three are, from 1 to 3, OffensiveCon, REcon and DEF CON. These three stand out in how technical and focused on offensive security they are. Hacking events like these may offer you talks, ethical hacking training and exciting contests.

Talking about contests, it's a good idea to participate in capture-the-flag competitions (shortened as CTFs). These challenges consist basically in finding flags, such as files or pieces of code, hidden in vulnerable systems or software products. We have a post of our top 10 CTFs ranked by the average difficulty of their five most recent events up until September 2022. Our top three are, from 1 to 3, 0CTF, PlaidCTF 2022 and DEF CON CTF. Read the post and find out what these and the other CTFs are about.

Yet one more thing that may help you advance your skills (and show recruiters your commitment) is earning some certifications in offensive security. You get these by passing theoretical or hands-on exams. Like with all the tips above, there isn't an ethical hacker certification path set on stone, so take the following only as suggestions.

First off, it's important to know that you probably don't need a lot of certifications, or any, to get a job as a hacker. When you feel you are ready for the challenge, you may want to start looking into the OffSec Certified Professional (OSCP) and the Certified Red Team Expert (CRTE) certifications. You can read their descriptions in our certifications page. Our VP of Hacking, Andrés Roldán, recently included those two in his personal top 10 ethical hacking certifications arranged by their difficulty. They were in the places 9 and 8, respectively. The most challenging in his ranking is Offensive Security Exploitation Expert (OSEE), followed by OffSec Certified Expert³ (OSCE³) and eLearnSecurity Certified Penetration Tester eXtreme (eCPTX). Those three could be your Mount Everest. And what about the Certified Ethical Hacker (CEH) certification? Well, we made a description and critique in a previous blog post. Read it, then decide if it would be in your plans to get it. In that post you can also find Roldán's top 10.

Our last tip is to remember to stay up to date about new trends and best practices in the IT industry. So, we recommend you subscribe to our newsletter.

If you want to start working in cybersecurity, as a hacker or otherwise, check out our available positions at Fluid Attacks. If something there piques your interest, contact us.