So this question is asked quite frequently, and I thought it would make the most sense to explain what you’ll need to know to become a hacker in this post.
Now, before we get into the technical details, first some background about me. I have a Master of Science in Computer Science with a concentration in Telecommunications and Network Security. I have a Bachelor of Science in Information Technology with a concentration in Computer Forensics and a double minor in Computer Science & Cybersecurity. And I have been a member of a Red Team for the past couple of years.
So what are you going to need to know to be a Hacker? Here are the key concepts from the Study Guide that I used to prepare for an exam to get my Red Team Job
You’ll need to know basic programming concepts, and how to read and interpret scripts/code. You will need to be familiar with Shell scripting (e.g., cmd, wmic, bash), Interpreted languages (e.g. Python), and how to Interpret source code and scripts (e.g., Flow, variables, loops). You should be pretty familiar with Scripting and/or programming language. You’ll be able to find tons of information online regarding learning how to code.
You’ll need to understand the fundamentals and theory behind computer design, computer networking, and basic computing concepts. Some things you should be aware of is, Computer Math numbering systems and conversions, Computer concepts (e.g., CPU architectures, virtualization), Memory organization and layout, Storage concepts (e.g., hard disk drives, solid-state drives) and the difference between the kernel and userspace. A good resource for learning this is Computer Organization and Design ARM Edition: The Hardware Software Interface.
You’ll need to learn of computer systems administration, software interactions, and I/O interactions in either Windows or Unix implementations. Some things you’ll need to know are Standard administrative commands, Local system configurations, Data security and integrity protection, Antivirus concepts, and file systems. A great resource for learning Operating System is the book Operating System Concepts Tenth Edition. That website contains tons of useful information for that book including slides and study guides. But as a prerequisite for learning Operating Systems, you should already be familiar with basic data structures, computer organization, and a high-level language, such as C or Java.
You’ll need to be aware of the operations, management, and maintenance of computer networks, protocols, and standards and how they integrate with one another. Some things you should be familiar with are IP / subnetting, Ethernet, Routing, Network layout and design (i.e., network topology) and Networking device concepts (e.g., routers, firewalls, intrusion detection systems). There is a great CCNA prep course available here that you can learn this from. A good book to learn about Networking is Computer Networking: A Top-Down Approach, By James F. Kurose. This is also a good resource for learning about networks from a security point of view
You’ll need to know Protocols, and ports for standard network services, Network services, and ports on standard Windows/Unix installs, Network-related commands and Network service administration and configuration. For this, you can use the resources from above.
So those are the Fundamentals that you need to know to become a Hacker. Once you have those down, you can move onto learning some more advanced concepts.
Some of those concepts would be:
Information security tools and techniques: Network monitoring, Network mapping, Vulnerability scanning, penetration testing
Offensive information security
Digital forensics and data recovery
Voice/data communications (satellite, RF, wireless, and telecommunications networks)
Public key infrastructure and encryption systems
Network traffic analysis
Computer and network forensics
Vulnerability and malware analysis
Low-level protocol and packet analysis
So I am aware that many people want to become a Hacker or Penetration Tester professionally so I will briefly be discussing how one can best do that.
Here’s what you need to know to become a Hacker:
For a Degree, I’d recommend a degree in Computer Science, Computer Engineering, Computer Security, Cybersecurity (Technical Track), Cyber Operations, or Information Technology. I’d recommend attending a school that is either an NSA Accredited CAE-CD or [CAE in Cyber Operations](https://www.nsa.gov/resources/students-educators/centers-academic-excellence/cae-co-centers/
You’re going to need some experience if you’re going to become a Pen Tester or Red Team Member. Some good experience to gain would be UNIX/Linux system administration, Windows system administration, Network Security, Network Administration – security and engineering, networking equipment (routers/firewalls/switches) and VPN administration
Some good entry-level Penetration Testing Certifications would be the OSCP, very practical, and well respected. And the Security + is generally a baseline for Security Jobs. And I’d advise against the CEH, its not practical at all and you can just memorize the answers and pass without actually knowing how to hack anything
Theoretical knowledge is nothing if you cant practice it. There are a number of different ways you can get experience in Offensive Security (Legally of course). Capture the Flag Events such as the National Cyber League are great ways to apply your knowledge. And HacktheBox (while a bit more advanced) is probably the closest you can get to a real-world Network Penetration Testing environment.
I couldn’t cover everything here, but I hope I was able to give you guys some solid knowledge that you can build on. Feel free to ask me any questions or send me a message if you have any questions. Thanks!