BytesQube > Blog > Security > How to become an Ethical Hacker or a Cyber Security Expert ?

How to become an Ethical Hacker or a Cyber Security Expert ?

March 3, 2023 Security

Level-1 :— RESEARCH AND RESOURCES

  1. The Art of Googling
  2. Never give up Attitude, Patience and Consistency.
  3. Know How to Find Resources
  4. Read Articles and Blogs about Cybersec, Watch videos on new Tech and their Vulnerabilities.
  5. Keep up with News and Updates in Cybersec field, what type of new attacks are happening.
  6. Find Courses and Books that will teach you specific topics in-depth.

LEVEL-2 :— FUNDAMENTALS

  1. LINUX BASICS
  • Linux Directory Structure
  • Familiarity of Environment
  • Basic Linux Terminal Commands
  • Manage Permission
  • Manage Linux Users and Groups
  • Manage and Monitor the Linux Services and Processes

2. WINDOWS BASICS

  • Groups and Policies
  • Active Directory
  • Basics of Powershell
  • Windows Services and Vulnerabilities

3. WEB APPLICATION BASICS

  • Understanding of URL
  • Role of Client and Server
  • How Request and Response Works
  • Request Header and Response Header
  • Catching Service and Catche
  • Web App Technology
  • Web App Vulnerabilities

4. PYTHON FUNDAMENTALS

  • Basic Syntax
  • Working of Loop
  • Working of if-else
  • List, Tuple and Dictionaries
  • Basics of Functions
  • Files I/O
  • Exception Heading
  • Socket Programming

5. BASICS OF SERVER

  • What is Server
  • Types of Server
  • How Passwords are Stored
  • How Server Works
See also  5 Ways to Secure Your Business Data in the Age of Remote Work

6. BASICS OF NETWORKING

  • Protocol Services and Port no.
  • 3-way Handshake
  • TCP Headers and UDP Headers
  • Secure Socket Layer
  • OSI Layers
  • Network Topologies
  • TCP/IP Protocol
  • Subnetting
  • Tunneling
  • Network Sevice Vulnerabilities

Level-3 :— TOOLS

These are called Ethical Hacking Tools.

Ethical Hacking Tools can detect vulnerabilities in computer systems, servers, web applications, and networks with the help of computer programs and scripts. There are several open-source and commercial tools available in the market that are widely used to prevent unauthorized access to a computer system.

LEARN EVERYTHING ABOUT THESE TOOLS AND HOW TO USE THEM.

PRACTICE IN EVERY ONE OF THEM, YOU WILL BE NEEDING THEM IN FUTURE

There are many tools for different purposes. I will list top 10 beginner tools to start with.

  1. Metasploit
  2. Nmap
  3. Burp suite
  4. Wappalyzer
  5. Cain and Abel
  6. Cyberchef
  7. Pydictor
  8. Maltego
  9. OWASP ZAP
  10. theHarvester

Level-4 :— VULNERABLE MACHINE

  • OverTheWire

You will learn and practice many Linux Commands here.

There are 33 levels on OverTheWire’s website, on every level you will be given problems to solve for which you have to use different Linux Commands and then when you solve those problems YOU WILL ACHIEVE A FLAG.

See also  The Evolution of Cybersecurity in the Age of IoT

Its really helpful for beginners who are just starting out.

  • DVWA

There are vulnerable application on DVWA’s site.

You can try brute force attack on these applications, CSRF attacks, XSS attacks.

  • PicoCTF

Now here on PicoCTF’s website you’ll get small tasks that- This flag is hidden maybe in the image or anywhere and you have to CAPTURE THE FLAG(CTF).

You’ll get points for solving these tasks- 10, 20, 40 points.

AFTER DOING ALL THESE YOU WOULD HAVE GAINED A LOT CONFIDENCE. NOW YOU CAN MOVE TO NEXT MACHINES.

NOTE:— IF YOU STILL DON’T FEEL CONFIDENT ENOUGH PRACTICE MORE ON PREVIOUS MACHINES.

  • VulnHub

You will get “Boot to Root” type of machines here.

Boot to Root means you have to open the machine from start then become SUPERUSER and then bring the flag.

You can download CTFs from VulnHub’s website and choose level accordingly- Easy, Hard and Advance.

You should solve and practice atleast 100–150 machines.

  • HackTheBox
See also  7 most popular tools used by Ethical Hackers

Till here you were exploiting offline machines by downloading them to your local system. But now here you will get access to a VPN and then you have to solve it online.

Price for VIP is somewhere around 800–1000 Rs which you have to give every month.

You will get every level of machines and points after solving those machines.

You should solve Minimum of 100 machines.

Level-5 :— A+ TOPICS

  1. Buffer Overflow
  2. Linux Commands and Privilege Escalation
  3. Windows Commands and Privilege Escalation
  4. Windows Kernel Exploits
  5. Linux Kernel Exploits

Have patience throughout this process of becoming a Cybersecurity Professional. Its not going to happen in 1 day.

Related posts:

7 most popular tools used by Ethical Hackers
Cybersecurity: 6 Steps To Protect Our Digital World
The Growing Importance of Cybersecurity in the Age of Digital Transformation
The Role of Cybersecurity in Protecting Businesses in the Digital Age

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow Us

Subscribe to our newsletter

Sign up to our newsletter to receive our latest news and products. Stay updated on the latest developments and special offers!


    Get a Quote

    Give us a call or fill in the form below and we will contact you. We endeavor to answer all inquiries within 24 hours on business days.
    +91 938 462 4393