Friday, January 15, 2016

I want to be Ethical Hacker

A lot of people want to be ethical hacker or penetration testing, it is very rewarded job and also require a lot of effort, I will describe in this article what knowledge you need if you want to be ethical hacker. I will not touch the soft skills only the technical ones.

First this is not an easy path, it will require perseverance and a lot of self study including think completely different than any other tech (outside the box).

Basic Knowledge

Yes, you need to have basic knowledge and it has to be very solid, you do not have the luxury to have holes in your basic knowledge.

Knowledge of Windows/Linux OS, you have to be strong in one of them and very proficient in the second, I am not saying you can create a cluster with those servers, I am saying the same knowledge you should have if you are a System Admin or System Engineer working for an IT company (yes, it is very different working for one company than working for one).

Network knowledge, yes, you have to have knowledge how routing works, tcp/udp, packets, routers, switches, arp, firewalls, etc. How will you bypass a firewall if you do not know how it works or sniff traffic if you do not know switches?

Programming knowledge, you have to have one language where you are strong and if you are going to web ethical hacker you have have more that one language. A lot of hacker use perl and python.

Specialty Knowledge

This depend in what you want to be good, you cannot be strong in all the specialty with some exceptions. These are some example

Specialty Attacking  Network: For this you need to have a good knowledge of protocols, routers, switches firewalls, wifi,packets, etc.

Specialty Attacking Systems: This include a lot of the networks because you use packets, etc. Plus good knowledge in Windows/Linux and how to escalate on it to be an administrator on the server or domain.

Attacking Web Applications: In this you have to have knowledge of different web programming language like ASP, PHP, Java, etc. Also you need to have good databases knowledge, yes, How will you try to do SQL injection when you do not know anything about SQL queries?

Conclusion

A lot of ethical hackers have a mix of skills, They normally are strong in one specialty and a little weak in the other specialty, In the beginning do not worry what skills you will have, Begin to build your skills and later you will find what of those fields you want to be and go for, Enjoy all the process.

Tell us what do you think at http://www.learn-security.net/








No comments:

Post a Comment