𝓜any of my aspiring hackers have written to me asking the same thing. “What skills do I need to be a good hacker?”
As the hacker is among the most skilled information technology disciplines, it requires a wide knowledge of IT technologies and techniques. To truly be a great hacker, one must master many skills. Don’t be discouraged if you don’t have all the skills I list here, but rather use this list as a starting ground for what you need to study and master in the near future.
1. Basic Computer Skills
It probably goes without saying that to become a hacker you need some basic computer skills. These skills go beyond the ability to create a Word document or cruise the Internet. You need to be able to use the command line in Windows, edit the registry, and set up your networking parameters.
Many of these basic skills can be acquired in a basic computer skills course like A+.
2. Networking Skills
You need to understand the basics of networking, such as the following.
- Public v Private IP
- Routers and switches
- OSI model
- MAC addressing
As we are often exploiting these technologies, the better you understand how they work, the more successful you will be. Note that I did not write the two guides below, but they are very informative and cover some of the networking basics mentioned above.
3. Linux Skills
It is extremely critical to develop Linux skills to become a hacker. Nearly all the tools we use as a hacker are developed for Linux and Linux gives us capabilities that we don’t have using Windows.
If you need to improve your Linux skills, or you’re just getting started with Linux, check out my Linux series for beginners below.
4. Wireshark or Tcpdump
Wireshark is the most widely used sniffer/protocol analyzer, while tcpdump is a command line sniffer/protocol analyzer. Both can be extraordinarily useful in analyzing TCP/IP traffic and attacks.
You need to become proficient in using one of the virtualization software packages such as VirtualBox or VMWare Workstation. Ideally, you need a safe environment to practice your hacks before you take them out in real world. A virtual environment provides you a safe environment to test and refine your hacks before going live with them.
5. Security Concepts & Technologies
A good hacker understands security concepts and technologies. The only way to overcome the roadblocks established by the security admins is to be familiar with them. The hacker must understand such things as PKI (public key infrastructure), SSL (secure sockets layer), IDS (intrusion detection system), firewalls, etc.
The beginner hacker can acquire many of these skills in a basic security course such as Security+.
6. Wireless Technologies
In order to be able to hack wireless, you must first understand how it works. Things like the encryption algorithms (WEP, WPA, WPA2), the four-way handshake, and WPS. In addition, understanding such as things as the protocol for connection and authentication and the legal constraints on wireless technologies.
To get started, check out my guide below on getting started with wireless terms and technologies, then read our collection of Wi-Fi hacking guides for further information on each kind of encryption algorithms and for examples of how each hack works.
The Intermediate Skills
This is where things get interesting, and where you really start to get a feel for your capabilities as a hacker. Knowing all of these will allow you to advance to more intuitive hacks where you are calling all the shots—not some other hacker.
Without scripting skills, the hacker will be relegated to using other hackers’ tools. This limits your effectiveness. Every day a new tool is in existence loses effectiveness as security admins come up with defenses.
To develop your own unique tools, you will need to become proficient at least in one of the scripting languages including the BASH shell. These should include one of Perl, Python, or Ruby.
8. Database Skills
If you want to be able to proficiently hack databases, you will need to understand databases and how they work. This includes the SQL language. I would also recommend the mastery of one of the major DBMS’s such SQL Server, Oracle, or MySQL.
9. Web Applications
Web applications are probably the most fertile ground for hackers in recent years. The more you understand about how web applications work and the databases behind them, the more successful you will be. In addition, you will likely need to build your own website for phishing and other nefarious purposes.
To become good hacker, you must not be caught! You can’t become a pro hacker sitting in a prison cell for 5 years. The more you know about digital forensics, the better you can become at avoiding and evading detection.
11. Advanced TCP/IP
The beginner hacker must understand TCP/IP basics, but to rise to the intermediate level, you must understand in intimate details the TCP/IP protocol stack and fields. These include how each of the fields (flags, window, df, tos, seq, ack, etc.) in both the TCP and IP packet can be manipulated and used against the victim system to enable MitM attacks, among other things.