Best Places for learning Ethical Hacking

Home / Career / Best Places for learning Ethical Hacking

Learning how to hack computers can be daunting, most people have no idea where to begin and unfortunately many businesses take advantage of this. There’s no shortage of online courses talking about teaching people cybersecurity and promising that you will be able to get a job if you just buy their course. I would advise caution when looking at these different programs because most of them only exist because cybersecurity is a growing field and they know there is a high demand for learning about it. Here I’ve put together an article outlining what to look for when trying to find resources for learning computer hacking and I have a list of some of the best online resources that I’ve found for learning how to hack computers.

What to look for in an ethical hacking course

No single course needs to teach you all of these things but a valuable course will emphasize at least one or more of these areas. 

Recognized Software: If you’re new to hacking computers and you’re looking for a course to follow I would suggest picking a course that teaches you how to use industry standard software. This includes tools like burpsuite, metasploit, nmap, Wireshark etc. These tools are widely used in the industry so any practical knowledge that you gain with these will be valuable for hacking and valuable for getting hired. Avoid courses that teach you to use their specific products. When you’re first starting out you need to learn what is being used in the industry so that you will be more employable.

Script Automation: In a professional penetration testing scenario you may be required to run scans/exploits on hundreds or thousands of machines and it is very useful to be able to automate some of these processes. One good thing to look for in an ethical hacking course is learning script automation, preferably in languages like python, bash or powershell. Not only will it teach you a valuable skill but if you code along with the tutorial you can create scripts and add them to something like a Github portfolio so that you have proof to show employers/clients.

Practical Walkthroughs: Be careful with any course that is all theory. Watching videos that explain hacking concepts or talk through lecture slides should only be at most 20% of your learning. Ideally any hacking course should be showing you how to hack into a computer step by step. Preferably they should be doing it on a platform where you can follow along and try to hack that machine yourself such as hackthebox. You need to apply as much of this information as you possibly can if you want to retain the information. 

Industry Recognition: This applies only if you’re going the university or certification route. You want to make sure that the courses you decide to take are well respected in the industry. This will be important to ensure that you get the best quality education and it will be important when applying for jobs. When you apply to a job your resume is scanned by HR software, if you don’t have specific certifications or skills listed on your resume it may be screened out before it even reaches an HR person. Therefore, it’s worth looking into how respected and in demand a certification or degree is before making a decision. 

Reviews: This isn’t specific to Cybersecurity but be sure to look at reviews before deciding where to invest your time. I highly recommend using reddit to find out where other people have started their cybersecurity journey and what resources they found most helpful.

Best Online Resources for learning Computer Hacking

Online Hacking Platforms: There are websites like Hackthebox, Vulnhub or hackthissite that give you legal places to start hacking into web servers. This way you can get hands on experience hacking into computers. Also, they usually awarded points to your profile for every challenge you complete so you can start to build a portfolio and reputation. Some of these sites also have job boards so once you get good and start getting your points higher, you can apply for jobs right on that platform. Additionally, I would recommend doing write ups or creating video tutorials of your work so that you can start marketing yourself online through a website, blog or youtube.

Online Certifications: Another good way to learn hacking that is recognized by many employers is through certification. Certifications alone won’t make you a complete hacker but it’s great for foundational knowledge and more advanced certifications will force you to hack computers within certain time constraints and understand how to do a professional technical write up. A write up is a document that is prepared after you perform a penetration test where you outline exactly what you did, what you found and what the client should do to correct it. The write up is the part of the test that provides values, it doesn’t help the company if you hack into their systems but you can’t explain how you did it and how they can improve their security as a result. In terms of certifications I would recommend Certified Ethical Hacker (CEH) first, because it’s more theory based and will give you the foundational knowledge. CEH also has a practical option where you can get hands on experience if you find theory too boring. After that there is a series of practical hacking certifications provided by Offensive Security. These certifications are very well respected and can assist you in reaching a professional level of skill. If you’re able to pass the exam and the write up portion, you are at an employable level of skill.

YouTube: YouTube is 100% free and has endless videos that explain how to perform different types of web application attacks, walkthroughs on security challenges, series on different security software and so on. When it comes to learning how to do something, YouTube is one of the best places to go to find the knowledge that you need. The only downside is that it’s not proof of your skill. You can use it to learn but you’re going to need a portfolio to market yourself.

Other: Some other places you may want to look at include Udemy, Udacity and Cybrary. Udemy and Udacity offer online training material for many different topics, including Cybersecurity. Cybrary is a platform dedicated solely to Cybersecurity training and has a lot of courses to choose from.

Final Thoughts

Fortunately there are many ways to learn ethical hacking without having to get a 4 year degree. The problem today is that there are so many options you may not know where to begin. The most important thing is to make sure you’re acquiring practical experience and building a portfolio that will make you marketable to employers/clients.