So you want to be a hacker?

Start Here:

I am culminating a list of resources to assist the aspiring penetration tester in getting their career off the ground, and I will continue to add to this list as I find more beginner level resources. I highly recommend getting experience with every area that is provided. This guide is definitely not the end-all be-all guide; however, I truly believe that this list will help to give guidance to anyone that is planning to pursue a career in this field. I pray and hope that you will find this guide helpful. Any feedback would be greatly appreciated. God bless.

  1. Networking
  2. Scripting/Programming
  3. Linux
  4. Penetration Testing Resources
  5. Certifications
  6. Getting Active in the Hacker Community

Networking:

Network+ Course w/ Jason Dion
A good place to start is to study for the Network+, this certification will introduce you to the basics of broad spectrum of Networking terminology and technologies. Jason Dion has a great course on Udemy that I used to study for my Network+. You can usually catch this course on sale for under $20.

101 Labs
If you have no networking experience prior to taking the Network+ then I recommend that you get your hands dirty with some lab time. You can build a virtual home networking lab using things like packet tracer or GNS3. There is a book called “101 Labs – CompTIA Network+” by Paul Browning that contains labs that you can build using these tools.

PowerCert Animated Videos
This YouTube playlist has some great animated videos that break down various networking concepts.

Scripting/Programming:

Python:

r/Python

Automate the Boring Stuff

Black Hat Python

100 Days of Code: The complete Python Pro Bootcamp for 2022

PowerShell:

r/PowerShell

PowerShell in a Month Of Lunches

Bash:

r/bash

CodeAcademy

Linux:

OverTheWire
Start with Bandit

TryHackMe
Linux Fundamentals.

Intro to Penetration Testing:

Junior Penetration Tester Learning Path - TryHackMe
TryHackMe is perfect for complete beginners that have no experience whatsoever. However, this platform also has a lot of content for intermediate/advanced users as well. The “complete beginner” learning path is the perfect place to start, and it covers some of the fundamentals like networking, Linux, and web protocols. It also introduces users to Cryptography, exploitation, privilege escalation, and helps you get familiar with some of the tools of the trade. They also have a very active discord channel, where you can go and ask questions, get help, or just goof off with other people with the same interests.

Practical Ethical Hacking Course - TCM Academy
This platform is also highly recommended. Heath Adams AKA “The Cyber Mentor” is well respected in the infosec community and aims to provide quality & practical content that is also very affordable. The Cyber Mentor produces great content and is an amazing teacher.

Penetration Testing Student - INE
eLearnSecurity, the creator of the eLearnSecurity certification suite, was recently purchased by INE. I am currently using this platform to study for my eJPT. Their content is amazing, and their training is more geared towards the real world/practical aspects of penetration testing unlike the OSCP, which is more capture the flag based. Also, they do not only teach Cyber-security, but also have great material covering networking, cloud, and data science as well. The eJPT has been regaled as a great introductory level penetration testing certification and is a good starting point for newbies like me.

Content Creators:

Ippsec

John Hammond

LiveOverflow

Null Byte

HackerSploit

Certifications:

CRTP
Certified Red Team Professional by Pentester Academy

PNPT
Practical Network Penetration Tester by TCM Security.

eJPT
eLearnSecurity Junior Penetration Tester by eLearn Security

Hacker Community:

Black Cyber-Security Association
The BCA (Black Cyber-Security Association) aims to close the diversity gap in Cyber-Security and tech in general. They have Certification prep groups, clubhouse talks, home-lab tutorials, and an active discord.

Security BSides
Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time.

Written on February 1, 2021