0

Hi I am trying to get started in all this. I don't have that much experience but I am going to school to get a bachelors in information technology and I have learned a little bit about hacking as well which was the main motive for me getting into it security. I am curious as to how I should get started, what I should be learning, what should I do to prepare for a career in this field?

nyxgeek
  • 1,297
  • 10
  • 22
T.Webb
  • 25
  • 1

2 Answers2

2

I think it is important to have a good base. Too often people try to hop directly in and I feel that they are at a disadvantage.

1. Base Skills

Code: Essential for exploits and automation. I would recommend C, python, bash, and PowerShell.

Networking: Essential for understanding how things work. Also, packet captures are really useful.

Operating Systems: Being familiar with Linux and Windows administration is important if you want to break those systems.

College Coursework: (Not at all necessary but since you mentioned you are enrolled) Besides the obvious CompSci courses, general science/math courses are useful throughout life, especially physics and stats.

2. Information

Twitter: News moves quickly in our community.

Mailing lists: old-school, but email lists are also essential for keeping up on vulnerabilities.

3. Labs

You can either go with commercial labs like Offensive Security's PWK course, or SANS' version of it. Or, you can check out wargames/challenges. WeChall.net has links to a lot of different challenges. You can also stand up your own VMs that you find on VulnHub. I spent time in the PWK lab and I loved it.

4. Community

Get involved. Go to Cons. Go to meetups. Take part in CTF challenges, or password cracking contests. Find areas that interest you and pursue them as hobbies. Don't wait to be spoon-fed knowledge in the classroom. Meet people who are interested in security. It's one of those fields that really is full-time. You might not be "working" but you're really always working.

nyxgeek
  • 1,297
  • 10
  • 22
0

My two cents:

Many universities have "ethical hacking" communities which organize meetups and arrange lectures on topics in security. Check these out, and get some contacts and friends on the inside of the industry. Sites such as meetups.com give you pointers about happenings around your school.

Follow industry leaders such as Krebs and Schneier on Twitter and blogs. They post articles that are inspiring and tell you about the latest trends.

I would also suggest that you include a bit of math (discrete, combinatorics: https://en.wikipedia.org/wiki/Combinatorics) in your degree. It will make you better at understanding how complex a system you are hacking is, for instance it makes you able to deduce whether a key is crackable by brute force or has to be circumvented in some way.

Geir Emblemsvag
  • 1,589
  • 1
  • 11
  • 14