So You Want To Be A Hacker

red-pill-blue-pillYou took the red pill, and now you want to see how deep the rabbit hole goes.  You spend a lot of time on computers, and use them for things that your friends think are odd.  You are on your third Raspberry Pi project.  You are running Linux on at least one computer.  Now you want to learn the light and dark arts of computer hacking.  Where can you do that?

There are actually several good options at varying price points.  Here are my favorites.

Just so there is no confusion, I subscribe to the original definition of the term “hacker” as a person who is driven by curiosity, and desire to learn how and why things work, and is interested in being creative and building things.  Hacking in this light is not a criminal activity.

gliderA good place to start is with Eric S Raymond’s excellent sites on the Hacker Culture.  Start with How to Become a Hacker.  From there you can move to A Brief History of Hackerdom. These sites are free, and he has others so spend some time and look around.

If you want to know how and where it all started, there is Steven Levy’s great book Hackers, Heros of the Computer Revolution.

I have written before about Pete Herzog’s Hacker Highschool program.  This is a great program for Middle School and High School aged hackers, but it is available to anyone.  Here is a great YouTube video of Peter on The Truth About Hacking.

Two of my favorite online IT schools are Cybrary and Udemy.  I’ve taken several course from both of these schools, and have been happy with the quality.  Anything on Kali Linux will get you there.  Other good options include Coursera, Khan Academy, Lynda.com and xEd.

The EC-Council sponsors the Certified Ethical Hacker (CEH) security certification.  This was where I went to fulfill my cravings for this special knowledge.  Not free.  It will set you back several thousand dollars by the time you are done.  But you will learn how to use the tools that bad guys do, but the ethical part means you will use your newly acquired powers for good only.  This program is for white-hat hackers only.  This will prepare you for a career in cybersecurity as a penetration tester.

The folks at Offensive Security, the people who brought us the Kali Linux security toolbox, are sponsoring a relatively new certification called the Offensive Security Certified Professional (OSCP).  This is similar to the CEH, but offers much less book learning and way more hands-on-the-lab time.  The exam is a 24 hour hackathon, where you are give a series of hacks to perform, and when you are complete, you have to write a report explaining how you did it.  This is the next certification I am going after.

For those of you who want to walk on the wild side (and perhaps the dark side), the hacktivist collective Anonymous has opened a school for budding hacktivists called OnionIRC.  This school is located on the Dark Web, and is accessible via the TOR network.  They launched this effort with a YouTube video, so if this seems appealing to you, this is where you start.  There is a good article on Naked Security about this initiative.

So there you have it, my budding hackers.  Enjoy.

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment