Are you someone who is interested and wants to get into the field of cybersecurity and you want people to call you Hacker. But you don’t know where to start, this article will give you a roadmap to become a real Hacker, you can refer to it to know which subject to learn first.
Ethical Hacker – Ethical Hacker – What is a White Hat Hacker?
A hacker is someone who can gain unauthorized access to any computer system without permission, such as using the Social Engineering or have some documents, files, passwords, etc before and of course this is illegal.
In parallel with the illegal Hacker force, there are still White Hat Hackers in the world who are invited/hired to be able to check the security of computer systems/networks, etc. Therefore, White Hat Hackers allowed by the company owner to test such as: malicious code, vulnerabilities, potential security holes of the computer system.
Now that we will dive into the Road to Becoming a Hacker, what should you learn and what makes you a good Hacker?
The Road to Becoming a Real Hacker
There are many paths for you to become a Hacker, here are just some of the ways to help you become a real Hacker. You can refer to this roadmap, it also corresponds to the university study route
- Programming and computer science
- Network and operating system fundamentals
- App Security
- Choose your favorite major, such as: binary security, web application security (later bug hunter)
- Mobile forensics, pentesting, application security
- Network Security – Network Security – Learning network models – Deploying network systems
- Red Team – Red Team
- Blue Team – Blue Team
Now we will go into the details of each part.
Programming and computer science
Any Path to becoming a Hacker requires knowledge of Code. Most people don’t like programming, most people now often use built-in tools to attack or scan the system for vulnerabilities (Metasploit, nuclei, Burp Suite) but don’t forget the best skills come from Programming and Computer Science
Indeed, the best Hacker often comes from a programmer background, they understand what the syntax of the code is about, and where the holes are in the Code. They have in mind how the software works or can create their own Hack tool (RAT, Worm, Virus) and it is important to have knowledge of any programming language. (optional). Have a lot of course I shared just choose a programming language and start learning.
So what language should I learn to hack?
In this Roadmap to Become a Hacker, I will explain what language does it do and what purpose it can be done for?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Language: HTML (not exactly a programming language)
Purpose: web hacking
Login form and web input methods use HTML to get data
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Language: Javascript
Purpose: Hack the web
JavaScript is a really powerful language that can get other users cookies and it can be executed on other people’s browsers
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Language: SQL
Purpose: Hack the web
With this language, you can access software data, web, login form… through SQL Injection error
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Language: Python, Ruby, Bash, Perl
Purpose: create software, scripts
These languages are my favorite because you can create your own Tools and Code to suit different systems. Such as Brute Force attack, Man-in-the-Middle etc and it is very helpful to understand and customize the tools and scripts that have been created
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Language: C/C++
Purpose: write exploits, malware, shell code
These two languages are also the favorite languages of many veteran Hackers, but much more difficult than Python, etc. you can create your own rootkits, exploits, malware, etc
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Network security
You also need to dig deeper into this area because every system has to work with the internet to communicate with each other. Learn about the OSI model, vulnerabilities, etc. after this part you will learn many things about hacking WIFI and Hacking Server or PC in intranet.
Mobile application security
In this field, you will learn everything about phone security, hardware, and software for digital forensics.
In this field you will learn about IOS, Android, etc., you should focus on understanding the security features of modern mobile operating systems.
However, in Vietnam, there are only a few training units in this field and the job market is mainly foreign companies or agencies with digital investigation functions.
Understanding cryptography – encryption
This section is especially important because most confidential information is encrypted so it deals with and comes from mathematical concepts and it is the type of rule-based computation known as algorithm to transform content in a way that is hard to decipher.
You will learn how to encrypt and decrypt data.
Web Application Security
In this section, you should focus on potential security vulnerabilities that commonly affect web applications, and as a web security engineer you should be able to understand CVE, web mechanics, etc.
To become a good Pentester, you should practice a lot there are many free web testing sites like: OWASP, DVWA, JUICE, etc and to understand the web security mechanism you should learn and understand about 10 vulnerabilities OWASP’s flagship.
Communication skills – Soft skills – Report writing skills
In the path of becoming a real Hacker, you need to regularly exchange experiences and ask questions with your team (Team), your partner, which is extremely important to have in this field because as a Hacker, you must write a report on the vulnerabilities you have found and must share your technical knowledge to the client who can understand the severity of the vulnerability in the system.
The content of the report about security holes must be clear, easy to understand and as concise as possible.
Learn how to use Tool Hacks
Of course, using the Tool will be faster than using your hands, you should also learn some Tool Recon, Tool Check Vulnerability common to save during system tracing or system testing.
Tool only helps us save time, not help you quickly become a Hacker. A real Hacker must know where the system is faulty? Why does it fail and how to exploit? And how to fix the error?
Along with learning theory, you should practice on your own system or Lab lessons TryHackMe, Hack The Box… Then draw your own experience after each lab completion. That way the experience will be accumulated leading until you encounter a faulty system in real life and use the knowledge that can be tested and attacked. Hopefully with the above Roadmap to Become a Hacker, you will have an overview to know what you should learn and do to go without being derailed.
