
Ask HN: How does one become an ethical hacker? - acidfreaks
I&#x27;m interested in becoming a ethical hacker. May I know what does it take to become an ethical hacker?
======
jupenur
Start by learning the basics. If you don't know how to code, that's probably a
good place to start. Learn about web applications and network protocols. Learn
the basics of Linux and Windows system administration.

Read some books, e.g. The Web Application Hacker's Handbook [1], The Tangled
Web [2], Nmap Network Scanning [3]. Study the OWASP wiki [4]. Familiarize
yourself with the tools of the trade: Nmap, Burp Suite, Nessus, IDA Pro, ...

Learn to recognize strange and suspicious behaviors in applications. Learn to
recognize implementations that are almost, but not quite, what they should be.
To get good at this, you have to be familiar with the underlying technologies,
frameworks, and best practices. Having experience in software development or
system administration helps a lot.

Most importantly: hack. You really only learn by doing. There are plenty of
opportunities to hack legally and ethically and even make some money doing it.
Set up WebGoat [5] and go through the lessons. Get on HackerOne [6] and
participate in bug bounty programs. Learn how to responsibly disclose issues
to vendors.

And finally, get involved in the infosec community. Follow interesting people
on Twitter. Attend local meetups. Go to conferences. Ask questions and help
others to learn as well.

[1] [http://mdsec.net/wahh/](http://mdsec.net/wahh/) [2]
[http://lcamtuf.coredump.cx/tangled/](http://lcamtuf.coredump.cx/tangled/) [3]
[https://nmap.org/book/](https://nmap.org/book/) [4]
[https://www.owasp.org/index.php/Main_Page](https://www.owasp.org/index.php/Main_Page)
[5] [https://github.com/WebGoat/WebGoat](https://github.com/WebGoat/WebGoat)
[6] [https://hackerone.com/](https://hackerone.com/)

------
elyrly
[https://bugcrowd.com/](https://bugcrowd.com/) &
[https://forum.bugcrowd.com/t/researcher-resources-getting-
st...](https://forum.bugcrowd.com/t/researcher-resources-getting-started/115)

------
edimaudo
Follow this [http://www.catb.org/esr/faqs/hacker-
howto.html](http://www.catb.org/esr/faqs/hacker-howto.html) and then watch mr
robot.

------
wprapido
[https://www.cybrary.it/](https://www.cybrary.it/)

------
dreamdu5t
Well first you have to decide what is ethical. Good luck with that...

------
_RPM
You would first have to define ethical.

------
Bino
First off, learn to hack?

~~~
acidfreaks
Do you have any good resources on that? :)

------
tmaly
learn social engineering

