Learn Penetration Testing – How to Become an Ethical Hacker!

If you want to learn penetration testing, then hopefully these resources can help! I’ve been a professional penetration tester for over six years and a hobbyist for over a decade.

This will primarily serve as a landing page for the learning sub-topics, but hopefully, I can at least cover each of them at a high level as well.

Let me know in the comments if there is anything that you think that I should add, or what your favorite way of learning is.

Penetration testing, or pen testing, is a simulated attack (or attacks) against a pre-defined set of systems, computers, or applications.

Fancy definitions aside, it’s attempting to break into a computer-based system with permission.

Penetration testing can be targeting anything from front-end web applications and APIs to the networks and infrastructure running them, or anything in between.

Generally speaking, pen tests are performed by an organization to find gaps in their applications or security controls before the bad guys can.

As a penetration tester, your role is to not only find as many vulnerabilities as possible for your client but ensure that you can report on them clearly and concisely.

Ethical Hacking and pen testing, while both in the realm of offensive information security, aren’t the same thing.

Penetration Testing refers to the specific process of a coordinated assessment with a pre-defined scope and set of goals.

Ethical Hacking, on the other hand, is the practice of offensive-based security to try and break into an organization.

While both of these are similar, all penetration tests are a subset of ethical hacking and not vice versa.

For a quick comparison, check out this chart from EC-Council.

Capture the Flag, or CTF, competitions are personally my FAVORITE way to learn about information security.

Cybersecurity CTF competitions are usually a set of challenges or targets that you have to solve or break into to capture “flags”. These flags are usually a formatted text string that you can submit to a portal or dashboard and earn points. At the end of the event, the points are tallied up, winners declared, and often prizes awarded!

In addition to the ability to compete or win prizes, these capture the flag events are still a great way to learn, regardless of your experience level.

If you prefer a paper (or digital) reference, then I recommend picking up some information security books and/or papers.

I won’t dive TOO deep into this topic here, as the individual pages will jump into specific books or series.

I love a good book, and it makes it easier to reference back to instead of buying it in my 5000 bookmarks. That said, there is an advantage to digital copies when it comes to something like copy and paste.

On the topic of learning, my only general recommendation is to make sure that you try to buy from the author/publisher directly. Some companies (like NoStarch) have seen a TON of issues with pirated copies. As someone who wants to publish eventually, I want to make sure authors get their cut!

If you’ve never been to any security conferences, then I cannot recommend them enough.

While larger ones like DEF CON and DerbyCon (RIP) are great, you can even start with your local BSides.

Not only are security conferences a great way to learn new tools and techniques, but they can also be so much more.

And, if you like CTFs, then conferences usually have at least one where you can win some AWESOME prizes.

One last quick note, I HIGHLY recommend that you try and give a talk at a conference. Regardless of your skill level, there is always something new that you can bring to the table. I was worried for a long time that no one would be interested in my talks, but I was wrong. Now I try to speak at 2-3 conferences a year, and my talks range from introductory to moderately technical.

Other than CTF competitions, I haven’t had much for the “learn by doing” crowd yet. That changes with vulnerable machines and platforms.

Some of my earliest posts and motivations for this blog came from attacking purposely vulnerable virtual machines.

The “easiest” way to start is to grab any random VM from VulnHub, throw it in VirtualBox, and try to break in.

That said, if you want to have a more all-inclusive platform, or not have to deal with networking, then there are plenty of other options. The de-facto standard for vulnerable machine platforms is Hack the Box, and for good reason. You can attack multiple different machines, view write-ups, and compare your score to others around the world.

These are only two of the ton of options for vulnerable hosts, so definitely check out this section if you’d want to learn more.

While they usually aren’t free, information security courses might be the best way to learn penetration testing.

in addition to the fact that they have bundled all of the free information in a nice and orderly fashion, there’s also an intangible benefit. Once you have paid for a course (even if it’s a small amount), you feel more obligated to complete it. This is due to the sunk-cost fallacy and can be some great motivation.

In addition to the actual courses, most of these classes offer some form of certification exam or certificate of completion. These are a GREAT value-add for your resume, even if a job posting isn’t looking for it.

Plus, if you try hard enough, you can get a ridiculous e-mail signature like me.

Last, but DEFINITELY not least, if you stay tuned for long enough, you’ll see that DoylerSec Academy will be releasing some course of our very own!

Outside of this blog, I’m finally delving into more cyber security content creation.

While the DoylerSec YouTube Channel started as a staging platform for post-related videos, it has already grown past that.

I’ve already uploaded some of my most popular posts into a vlog format, and might still do a few more.

Other than that, I have some huge tutorial series planned for a joint blog/video release.

Once everything is complete on that front, I will be working on some content that will start as a video (but may have accompanying posts).

A lot of big things are in the works, especially for the blog + YouTube combination, so stay tuned!

And, of course, if you want to support the channel, subscribe and watch 100% of all of the videos.

While this was a slightly shorter post, each of these sub-navigation pages will go more in-depth. Hopefully, we’ll be able to cover a lot of different ways that you can learn penetration testing. Even if you aren’t interested, you will be able to increase your infosec knowledge in general!

If you feel like there is a learning method that I’ve missed, then please let us know!

Other than that, stay tuned for more content, as well as potential course and service offerings.