How To Become A Hacker

0xDamian

May 23, 2024 — 6 min read

You're trying to learn the art of exploitation, the way of 0 and 1, and have the esoteric knowledge to bend the internet to your will, juiced on energy drinks and dressed in a hoodie in a room so dark the only ray of light in there is green text emanating from your PC screen...just to be used as your household's IT technician?

I have just the thing for you in this blog—a path filled with pain, and excitement–a never-ending journey of learning & discovery.
Let's become hackers, ethically of course.

Metamorphosis

I had the wrong idea of hacking and what is possible. The movies do a poor portrayal of what this is. I found myself in this space, trying to see the computer like Mr. Robot sees it. I was a fool. A boy with a target, without a steady hand, trigger happy, eager to shoot–I did, I missed.

My mindset was wrong, what I knew was wrong.
I had to change.
I had to learn.

The serious version of that entire melodramatic text; the message I was trying to pass is you have to unlearn what you know and give way for new information.
I knew hacking was a thing, but the term "Cybersecurity" was new. Who knew I could hack legally and make money too?

You have to think like a hacker. This is where your mind begins to take shape. You will question everything.
"Why?" "How?" "And?" "What if?" "What else?" "Will it?"
But what exactly would you question? Do you know what is possible to begin questioning what else is possible?
Where do you even start? Let us find out.

Arm Yourself

Before we begin, I have listed sources to get you started in the fundamentals of Cybersecurity. You can read my blog on this here. Without this, you can't continue with the resources listed here.

This section of the blog focuses on FREE resources for practising. A balance of theoretical and practical knowledge to get you from zero to people asking rubbish like if you could hack someone for them. You will become impressive to the normies.

1.) TryHackMe

I wish I started with this instead of aimlessly trying and bricking my system each time. TryHackMe has a blog called Free TryHackMe Training: The Ultimate Guide for Beginners. As the name implies, it's free and contains a list of free rooms where you can learn and practice Offensive Security/Hacking skills.

From there, you should try to hack their machines. They are purposefully vulnerable computers you can practice your skills on.

2.) Portswigger Academy

Portswigger Academy is a web application security-based resource. It will teach you how to exploit web application vulnerabilities, why they exist and even suggest how to secure a website against attackers trying to exploit them.

3.) HackTheBox

Like TryHackMe and PortSwigger, Hack The Box is an academy-style platform with CTF-style challenges (more on this later).

There are a lot of resources on HackTheBox and this is my suggested path:

HackTheBox Academy: Upon sign-up, you get 30 cubes for FREE which you can use to purchase courses/modules. I suggest you purchase 3 of these tier 0 courses, 10 cubes each. They are 'Learning Process', 'Linux Fundamentals' and 'Introduction to Networking'.
After, go to HTB Labs, and navigate to the Starting Point. This page has very easy machines/labs (purposefully vulnerable computers) to test your skills. They also have attached PDFs you can go through when you are stuck. The PDFs each contain a detailed walkthrough of the relevant machines.
Then, if you can afford it, I suggest you get a 1 month VIP subscription. This gives you access to the retired easy machines and the guided mode option which is quite helpful.
If you don't want to or can't afford the VIP subscription, you can get right into the active machines.

That's just where you should start. These can make you advanced in Web and Networking Penetration Testing/Ethical Hacking or becoming an elite TV remote repair man.
There are other resources. Like OffSec Proving Grounds, Pentester Labs, Cybrary and so on.

What about videos? Yeah, I gotchu.

Recommended YouTube Channels

This is in no particular order. They are YouTube channels focused on Cybersecurity, Ethical Hacking and Privacy.

NetworkChuck
Hackersploit
The Cyber Mentor (TCM Security)
John Hammond
LiveOverflow
Ippsec
0xdf
Mental Outlaw
Seytonic (My favourite Cybersecurity/Hacking News channel)
STÖK (Bug Bounty)
InsiderPhD
NahamSec

The list goes on forever and as you begin consuming their content, you begin discovering other channels like these.

Certificates

There are a lot of debates around certificates. Whether you should get one or don't get one or give specific ones you should get for your money's worth. Let's talk about them a little.

A few of these are simply HR bypasses but some are, by popular opinion, worth it in order to gain skills. I'll give a list and leave you to do your own research.

eLearnSecurity Junior Penetration Tester (eJPT) - Entry Level
Practical Junior Penetration Tester (PJPT) - Entry Level
Practical Network Penetration Tester (PNPT) - Entry Level
Certified Edible Hamburger (CEH) - Entry Level
OffSec Certified Professional (OSCP) - Mid-Seniour Level
eLearnSecurity Certified Professional Penetration Tester (eCPPT) - Mid-Seniour Level
HTB Certified Penetration Testing Specialist (HTB CPTS) - Mid-Seniour Level

The list goes on, but these are trendy and you will find most of them in job descriptions, a lot.

Network With People, Make Friends

The 18 Greatest Anime Bromances of All Time

I have a list of people you can follow on Twitter (X) who post relevant content on this. They form my Ethical Hacking community as well. Give them a follow and improve your TL.

@Tib3rius
@I_Am_Jakoby
@runasand
@TaelurAlexis
@0dayCTF
@TCMSecurity
@seclilc
@TheBlindHacker
@shenetworks
@GarrGhar
@endingwithali
@WhiteOakSec
@JackRhysider
@shehackspurple
@_JohnHammond
@InsiderPhD
@PhillipWylie
@joehelle
@Alh4zr3d
@rana__khalil
@NahamSec
@Jhaddix
@ippsec

This particular list is of Nigerians in the field:

@ireteeh
@akintunero
@sisinerdtweets
@commando_skiipz
@Hac10101
@Debug_sec
@Sec_fortress
@r007User
@_Rega_n
@kellyscholas
@deusx_45
@g3ntry1
@daltsec
@Queenicea17
@Ahmed___khaan
@RedHatPentester
@Olufela_Jr
@OluwaseyiAjadi4
@Dghost_Ninja
@Mustaph99035272

There are so many people I could add to this list. All wonderful and helpful people in the community.

Conclusion & Stuff

The road to becoming a hacker doesn't exist. There are many roads, many paths. This is just an attempt to help create one for you in the most cost-free way possible.
There are other related career paths in Offensive Security, like Penetration Testing, Red Teamer, Security Engineer, Threat Intelligence Analysts, etc.

It's going to be hard. You're going to study a lot, but it is achievable. Take your time and learn and you will be fine. Do not give up.

Thanks for reading, I hope you've learnt something here!

FAQ

Q: Do I need to learn programming to become a hacker?
A: Short answer, yes. I recommend learning Python and BASH.

Q: How much do Ethical Hackers make?
A: DYOR. It varies for a lot of factors like location, company's budget, experience, etc

Q: Can you hack my gf's WhatsApp?
A: Yeah, for $100,000,000. LMAO go away.