You took the red pill, and now you want to see how deep the rabbit hole goes. You spend a lot of time on computers, and use them for things that your friends think are odd. You are on your third Raspberry Pi project. You are running Linux on at least one computer. Now you want to learn the light and dark arts of computer hacking. Where can you do that?
There are actually several good options at varying price points. Here are my favorites.
Just so there is no confusion, I subscribe to the original definition of the term “hacker” as a person who is driven by curiosity, and desire to learn how and why things work, and is interested in being creative and building things. Hacking in this light is not a criminal activity.
A good place to start is with Eric S Raymond’s excellent sites on the Hacker Culture. Start with How to Become a Hacker. From there you can move to A Brief History of Hackerdom. These sites are free, and he has others so spend some time and look around.
If you want to know how and where it all started, there is Steven Levy’s great book Hackers, Heros of the Computer Revolution.
I have written before about Pete Herzog’s Hacker Highschool program. This is a great program for Middle School and High School aged hackers, but it is available to anyone. Here is a great YouTube video of Peter on The Truth About Hacking.
Two of my favorite online IT schools are Cybrary and Udemy. I’ve taken several course from both of these schools, and have been happy with the quality. Anything on Kali Linux will get you there. Other good options include Coursera, Khan Academy, Lynda.com and xEd.
The EC-Council sponsors the Certified Ethical Hacker (CEH) security certification. This was where I went to fulfill my cravings for this special knowledge. Not free. It will set you back several thousand dollars by the time you are done. But you will learn how to use the tools that bad guys do, but the ethical part means you will use your newly acquired powers for good only. This program is for white-hat hackers only. This will prepare you for a career in cybersecurity as a penetration tester.
The folks at Offensive Security, the people who brought us the Kali Linux security toolbox, are sponsoring a relatively new certification called the Offensive Security Certified Professional (OSCP). This is similar to the CEH, but offers much less book learning and way more hands-on-the-lab time. The exam is a 24 hour hackathon, where you are give a series of hacks to perform, and when you are complete, you have to write a report explaining how you did it. This is the next certification I am going after.
For those of you who want to walk on the wild side (and perhaps the dark side), the hacktivist collective Anonymous has opened a school for budding hacktivists called OnionIRC. This school is located on the Dark Web, and is accessible via the TOR network. They launched this effort with a YouTube video, so if this seems appealing to you, this is where you start. There is a good article on Naked Security about this initiative.
So there you have it, my budding hackers. Enjoy.
Share
MAY
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com