If you’ve just watched Mr. Robot and are thinking of becoming an ethical hacker, you may need to start by first asking the question: what is ethical hacking? Is there something more to it beyond passing the popular certified ethical hackers (CEH) exam?
In this article, we will focus on the additional skills you will need after the CEH exam, because the exam is just the first step toward becoming a professional ethical hacker.
The reasoning behind this is pretty simple. To be an effective hacker (whether white hat or black hat), you will need a broad base of IT skills, and an understanding of a wide range of technologies and techniques. This is because hackers must master more skills than most other IT professionals to stay at the top of their game.
Keep in mind that on your first job as an ethical hacker you will probably not need to have all the skills listed here. In fact, you may find that passing the CEH exam will probably suffice for your first job. But if you want to be among the crème de la crème of ethical hackers, then the skills listed below are what you will eventually need to acquire.
Before you can start hacking, you should have some basic skills mastered. These include the following:
1. Understand Linux
Most tools that you will require as a hacker are Linux- based. This means that you need to be extremely comfortable using Linux. Some of the most important tools that you need to be familiar with are sniffer/protocol analyzer tools like Wireshark and TCPDUMP
2. Understand virtualization
3. Understand networking
As an ethical hacker, you will more often than not be asked to protect networked systems. The better your understanding of these systems, the easier it will be for you to spot security flaws and counter them before they cause serious damage. You will need to be familiar with routers and switches, IPv4 and IPv6, DHCP, MAC addressing and other aspects of networking.
4. Understand wireless
Most devices these days are wirelessly connected, and present huge vulnerabilities to connected systems. Therefore, understanding wireless encryption will be fundamental to the field of ethical hacking in a few years. Additionally, it’s also important to understand the protocols, authentication, and legal constraints on wireless technologies.
Essential hacking skills
In order to unleash your full competencies as an ethical hacker, you need to practice exactly what a hacker does while on-the-job. Some of the skills that you will need to understand include the following:
5. Understand IT security systems
You basically need to understand the security systems that security admins set up. This means understanding concepts like PKI, SSL, firewalls, and so on.
6. Understand scripting
As a hacker you need to be able to create your own tools – or at least understand the scripts that other hackers use. You should be adept at using the BASH shell and should know at least one scripting language like Python or Perl.
7. Understand forensics
Understanding exactly how hackers evade and avoid detection is one the main tasks of an ethical hacker. So understanding digital forensics is a key skill to have for ethical hackers.
8. Understand cryptography
In addition to learning digital forensics, understanding cryptography will help you detect hackers who use cryptography to hide ill-intentioned activities.
9. Understand reverse engineering
Knowing how to reverse engineer malware is extremely important, because it can help you figure out the mindset and intentions of a particular hacker
10. Understand database skills
Hacking databases is one of the biggest security breaches in the world today. This means that you must know your way around the most commonly used DBMS’s including Oracle and MySQL in order to effectively foil thieves and hackers.
11. Understand web applications
In recent years, web apps have become increasingly popular due to the proliferation of mobile devices. This has inadvertently provided a fertile ground for hackers, which means you need to be extremely familiar with web apps and their ecosystems tin order to deal with security breaches.
Apart from the above technical skills, you will also need to learn how to develop problem solving skills, creativity, and persistence. Of course, being able to get into the mind of a black hat hacker is also an invaluable tool for ethical hackers.
By and large, the CEH exam will cover a lot of what you need to know – from scanning networks to penetration testing and even some aspects of social engineering. However, as the director of the Cybersecurity Academy at UMBC training succinctly puts it, “CEH courses “don’t provide an adequate amount of hands-on application.”
That said, CEH is the most recognized ethical hacking certification and is a great first step for people who are looking to build careers in the field. Additionally, ethical hackers with a CEH certification earn more than those who do not have one.
A CEH certification coupled with strong technical and non-technical skills will ensure that you get to the top of the ethical hacking profession.