Lecture Notes: Becoming an Ethical Hacker in 2025

Introduction

• Speaker: Heath Adams, interviewed by David Bombal
• Topics: Path to becoming an ethical hacker, foundational skills, certifications, and specialization in ethical hacking.

Path to Becoming an Ethical Hacker

• Background: Heath Adams transitioned from being an accountant to running a penetration testing company.
• Experience: The discussion is based on real-world experience and market understanding.

Foundations of Ethical Hacking

Understanding Core Skills

• Basic IT Skills: Equivalent to A+ certification, troubleshooting, building computers.
• Networking Skills: Knowledge of networking concepts, CIDR notation, subnets, OSI model, etc.
• Security Skills: Knowledge of necessary security measures in networking.
• Linux Knowledge: Familiarity with Kali Linux, command line, scripts.
• Programming Knowledge: Ability to read and understand code, especially Python.

Recommended Resources

• Free Resources: Professor Messer for A+/Network+/Security+, Cisco Packet Tracer.
• Paid Alternatives: Mike Meyers on Udemy, TCM Security Academy.
• Linux Learning: TCM Linux Fundamentals, Linux Journey, Over the Wire war games.
• Programming Learning: TCM programming fundamentals, FreeCodeCamp, Codecademy, Team Treehouse.

Ethical Hacking Skills

Practical Ethical Hacking

• Course Overview: TCM's Practical Ethical Hacking course covers networking, Linux, Python, hacking methodology, active directory, web application hacking.
• Hands-On Learning: Importance of hands-on training through courses like TryHackMe, Hack the Box, and Vuln Hub.

Web Application and Network Hacking

• Web Application Hacking: Importance of OWASP top 10, utilizing platforms like PortSwigger Academy, Hacker 101, BugCrowd.
• Wireless Hacking: Understanding WPA2 and enterprise-level security measures.

Certifications for Ethical Hacking

• Multiple Certifications: Pentest+, CEH, GPEN, OSCP, PNPT, CPTS.
• Cost and Accessibility: Varied costs and prerequisites, importance of practical experience.
• Certification Value: Helps get past recruiters and is critical to entering the field.

Specialization and Career Path

Specialization Areas

• Potential Paths: Network hacking, web application hacking, mobile hacking, etc.
• AI and Cybersecurity: Emerging field with potential for specialization.

Community and Learning

• Engagement: Being active in Discord, Twitter, and other forums.
• Continuous Learning: Importance of staying updated with AI and cybersecurity trends.

Advice and Insights

Career Advice

• Pursue Interests: Follow what excites you, whether it's generalist or specialist roles.
• Run Your Own Race: Avoid comparisons; focus on self-improvement.

Community Engagement

• Mentorship: Community mentorship as an effective learning tool.
• Contribution: Encourage mutual learning and contribution in online communities.

Conclusion

• Final Thoughts: Ethical hacking requires a combination of foundational skills, continuous learning, specialization, and community engagement.
• Personal Reflection: Heath Adams emphasizes personal growth and community contribution.