the CHEAPEST path to becoming an ethical hacker

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
what's up YouTube TCM here back with another video and today we're going to be talking about the cheapest path you can take to become an ethical hacker everything you're going to see in this video is either going to be a free resource or a resource that is no more than 30 dollars total I've got lots of resources to show you we're going to take you from zero to here we're going to talk about all the skills that you need and the resources that are out there in order to make you successful as an ethical hacker now we're going to take a quick word from our sponsor which you should honestly watch because it's about ethical hacking and another free resource to get into ethical hacking which is the reason why we're doing this whole video today so if you like the video like subscribe comment down below all that fun stuff quick word from our sponsor then we're going to jump into all these amazing resources to get into ethical hacking on the cheap if you're familiar with my channel you know that this channel is primarily about ethical hacking and a lot of the newcomers that come to the channel think that ethical hacking is about just breaking into systems and causing as much chaos as you can and in reality that's not the truth of it what we're trying to do is we're trying to find vulnerabilities before the bad people do and Report those to clients ethically if you're one of those people that are new to ethical hacking and you're looking to get started sneak is offering and ethical hacking 101 workshop on June 21st not only will you get to learn about the tools and resources to use to get started but you'll also learn about how to proactively identify and fix security vulnerabilities such as prototype pollution or path traversal before they can actually be exploited and perhaps most importantly you're going to get to walk through the process of responsible disclosure how do you actually disclose findings to somebody that means you're going to be able to identify and find vulnerabilities but you're also going to be able to know what to do if you come across one the sneak team will be helping you every step of the way offering Live support and walkthroughs so join sneak's ethical hacking 101 workshop and June 21st at 11 A.M eastern daylight time it's free it's virtual and you can register using my link in the description below or as seen on the screen here okay so let's talk about this road map this roadmap is going to be from Zero to Hero you need to figure out where you're at on this roadmap and place yourself there to move forward we're going to start with the very Basics and move down so we'll start at the top of the list and as we progress further things get a little bit more complex so first things first you need to have basic computer knowledge this is the equivalent to the CompTIA a plus certification any certification I name in this video by the way you do not need to get though it can be helpful so what does basic computer knowledge look like well this means hey can you build a computer can you fix a computer can you identify it by its parts if the answer is no you probably need some training in this now this type of knowledge is what is considered help desk level knowledge meaning that if you did get this knowledge you could go work on a help desk and answer tickets solve problems for clients or customers now I'm all about cheap or free resources so Professor Messer or Mike Myers for all the Tia that I'm going to show you is highly recommended for Professor Messer there are a ton of videos there I do find them a little bit dry but hey it's free you can't pass that up for CompTIA there are two sections there's a 101 and a 102 that you need to pass first section here does cover all the basics hey what's a mobile device what's networking what are these basics of computers and then in section two we start to cover a operating systems how do we actually fix some of this stuff and we get into the Hands-On break fix items which is pretty nice now again Professor Messer is free Mike Myers is cheap if you go to udemy and I'll link all these in the description below by the way but if you go to udemy you'll see that's 94.99 that's not true udemy always runs deals hey courses from 14.99 you can enroll and get this for 14.99 when you're looking at udemy courses for any course if they have a rating of 4.7 or better that's usually my threshold 4.6 maybe the cut off you kind of want the higher ratings now Mike Myers is a great teacher nothing against Professor Messer it's great and he's free it's just a little dry Mike Myers explains it in a explain like I'm five type way and I've always appreciated that about him all right moving down the list we've got computer networking knowledge so when we talk about computer networking can you tell me what the OSI model is do you know what service runs on Port 22 can you tell me what cider notation is or can you describe a three-way handshake if you thought the last item was a dirty joke you do not know what computer networking is and that's all right because guess what there's training out there in terms of resources this is going to build you up for what is called the network plus now Network plus certification could land you a job as a junior network engineer this is a certification that I got along with the a plus and the Security Plus which we'll talk about here in just a second and this exam only has one exam unlike the a plus which had two exams so you come through here it teaches you everything you need to know about computer network working again Professor Messer free Mike Myers up here not free but still great and then there's also Cisco Packet Tracer which allows you to download and play with fake networks you can build out your own networks it's actually really cool and they have training for it highly recommend checking this out and getting your computer networking skills built up you're gonna need these if you ever become an ethical hacker because a lot of things that we do do revolve around networks and hacking networks so please do not skip over the networking knowledge all right next up is the security knowledge or the cyber security knowledge we're talking about the CompTIA Security Plus here and if you get all three of these certifications this is what's called the Triad this is what I did and again you need to know this knowledge but we start layering on from what we learned before I like to think of the Security Plus as the network plus plus it takes a lot of Concepts from networking and then layer Security on top of them so do you know why telnet is insecure same question here but do you know what the difference between Port 20 21 in Port 22 is what about Port 80 and 4043 do you know the difference between TLS and SSL which one's better which one's newer more modern if you don't know that that's okay you just need to learn this before you try to jump into the deep end for ethical hacking this is building on that ladder and you need this to get to the next step again great resources out there I'm sure you guessed it for this one again it's Mike Myers and is Professor Messer you can't go wrong with either of these people for your training now it sounds repetitive but these guys dominate the a plus net plus Security Plus the CompTIA Triad Market all right so we're going to get into different training vendors here but again you cannot go wrong with either of these courses and there's just one exam for Security Plus okay next up is Linux knowledge now we use Linux in ethical hacking quite a bit in fact you're going to be very well versed in something called Kali Linux most likely there's also other distributions of Linux regardless you're going to need to know how to use Linux now Linux to me is like learning a foreign language you can go and study it all you want and I'm going to provide resources but you can study and only learn a little bit or you can immerse yourself in the environment so if you're learning a foreign language going to another country and trying to learn their language and speak the language with them is a lot better than just doing Duolingo or some other app and just saying hey I know the language same thing with Linux you want to immerse yourself in the environment download Linux use it as your main operating system for a week and just see the results that you get out of it when you have to struggle a little bit to learn your way around things now how can we learn Linux here's some great resources again we're sticking with free or very cheap Linux journey is great you can come in here and just hey what happens if I want to get started command line all these things you just click on one and it takes you through all this it gives you exercises Linux journey is fantastic if you want some more practice there's something called Over The Wire now they have different War Games Bandit is one that's made for beginners for Linux you you can come in here it gives you different challenges hey level zero level one and kind of teaches you along the way what you need to do to solve these problems and even gives you some hints you can look these up and find out Solutions and that way you can kind of game the system a little bit and learn along the way which is great and then of course full disclosure this is one of our courses but we do have a Linux 101 at TCM Security Academy where it covers all of this stuff as well it has five and a half hours now Linux is very popular you can go out there and learn Debian based Linux and just pick it up you can actually honestly just learn it from YouTube or anywhere else if you just pick it up immerse yourself you're going to be great but you need to know Linux in order to be successful in this field okay next up is coding and do not let this scare you you do not need to be a developer by any means to have a successful career in cyber security or ethical hacking if you go out and you get a computer science degree or you have a development background good job a plus to you it helps a lot however if you are going to be an ethical hacker you do need to be able to read code that is because we often download code from the internet and we do run that against systems you need to understand what that code does and make sure it's not malicious or going to take down a system so in order to do that we have to be able to read you do not need to be a developer to be successful let's take a look at some of the resources that are available to learn coding okay now for coding I do recommend starting with python it's a very easy language to pick up and be able to read and it's a great first language so much so that colleges are all switching to python for their introductory coding courses and it just helps ease you into it so First Resource is free code cam fantastic you can come here and just search for like python big caveat here is make sure that you are learning Python 3 if you see anything that says python 2 you want to make sure that you are not doing that because that is now deprecated alright so it shows you the dates that these came through like hey Learn Python from Harvard University that's awesome there are full python courses on on here you might have to do a little bit of digging this is arranged by date so you may have to just search a little bit on free codecamp but it's fantastic other resources that are paid code academy is great they have a ton of python resources in here and it allows you to actually just type into the code onto the screen here in the web browser and utilize it that way you don't have to download python or anything also fantastic they've got a lot of resources here you can do a seven day free trial without using your credit card which is fantastic so also worth signing up for I think the pricing overall is around thirty dollars a month same with Team Treehouse fantastic it's free for seven days I do think you need to actually use a credit card here is 25 a month afterwards but they have so many different courses and tracks and even like degree plans that they have in here it's great it's high quality I think it's better than codecademy because they do teach you video bass but you can try both of these for free and see which ones you like again a little bit of self-promotion we do have python courses geared towards ethical hacking python 101 is a great resource teaches you all the basics and then you can move into python 201 and get more advanced as you go so just depending on the platform your budget everything else all these are 30 or less and fantastic resources for your coding knowledge okay we got all the foundationals down we can start moving into actually learning ethical hacking so let's start with basic hacking knowledge we need to understand the concepts and just start getting our feet wet a little bit when it comes to ethical hacking let's look at some resources available for that all right first and foremost again a little bit of self-promotion this is a hundred percent free by the way we have a couple different versions of our ethical hacking course on YouTube so this is practical ethical hacking in 15 hours this is the most recent this will teach you a lot of the basics everything you actually need for your basic knowledge before you start getting into advanced items and we'll talk about Advanced hacking in just a little bit but this is is hey what do I need for the foundational groundwork now this is a great course it's broken into two sections due to upload limitations but it's fantastic this is a branch off of the 2022 version which has almost 4 million views just to let you know the quality that goes behind this what goes into this is actually the first half of our course we have a 25 plus I think it's actually up to 27 hours now of ethical hacking course and again no more than thirty dollars for this you go in and you can see all the things that you learn and this actually does get into advanced hacking more so than just basic hacking so we've got hey again here what do you do for computer networking what do you do with Linux what do you do with python we cover a lot of that introductory stuff and then we get into ethical hacking we get into a lot of this stuff here in order to get through this and then we get into active directory hacking and web application hacking and if all this sounds foreign that's okay but there's a lot of resources available to you and this is the type of course that you need in order to get into the field and type of foundations that you need in order to get into the field of work now there are some other resources that are free or very cheap uh try hack me is my favorite out of the two uh try Hackney is great it is free to join they do limit you in some of the rooms that you can do but basically it's like a capture the flag style though with some handheld learning it kind of walks you through and says hey here's your mission go find this flag or go figure this out and it's fantastic so um I think that try hack me is fantastic another resource like this is hack the Box both of these are free to use and then have some premium upgrades involved with them a lot of it is CTF style meaning Capture the Flag it's not as practical but it still allows you to get Hands-On keyboard it's a little bit gamified and allows you to just get some practice and experience and I think they're great learning resources if I had to give you one try hack me is great A hack the box is still not too far behind in my opinion okay we've built up to the this which is Advanced hacking knowledge what do we do above and beyond the basics that we've already learned well there's a few things we want to learn what's called active directory hacking we want to learn web application pen testing and we want to kind of tie those together those are some of the expectations you'll need as a junior level ethical hacker more so on the active directory side than the web application side but you will still need to know the web application side of things let's talk about resources there as well all right so the active directory stuff I think honestly without bias our course covers that better than any course that's out there right now so I would highly recommend taking that course in order to learn active directory you can find a lot of information out there from blogs like this one's from 2018 and it's actually surprising how a lot of the basics for active directory still work like this lmnr attack is still very very common really attacks very common So reading blogs like this is fantastic as well you need to pick up active directory knowledge if you're going to be successful as an ethical hacker moving on to to web application pen testing this is very important so it's a fantastic resource called portswiger Academy and this Academy is a hundred percent free it teaches you all kinds of attacks through these different modules and it even guides you through them and if you do want to go through all this you can end up actually taking an exam if you wanted to as well it's fantastic and again like it says 100 free I don't think there's a better web application resource out there and that's from somebody that teaches web application pen testing this is just fantastic for Hands-On material here another thing for web app pen testing that you need to know is that the OAS top 10 is out there it exists and you should learn it so OAS top 10 is the top 10 most common vulnerabilities no it is the top 10 most critical vulnerabilities that are out there so when we do these by security risk you look at this there was 2017 list there's a 2021 list and there's going to be a new list coming out very soon and it talks about hey what is broken access control that's number one okay number three is injection what is that that mean you can click into these how do I fix this you will be quizzed on this multiple times I'm sure during interviews so make sure you understand this what they mean how to prevent it those kinds of things because it will come up in your interview okay so that is a quick rundown of all the things that you need to do to study for this we're not getting into certifications or any of that stuff you just need to put in the work and study the foundations all the way through hacking and you can worry about the rest on your journey later this is what you need in the resources that are out there and that you can do all of which I showed you today for under thirty dollars you cannot complain about that most of these resources are free it's fantastic go out there if you want to be an ethical hacker jump into some of this free training see if you like it get your foundational knowledge and just boost it up at worst You Come Away with some more knowledge you may want to get into cyber security down the road somewhere else maybe it's not ethical hacking maybe it's blue team maybe it's incident response maybe it's forensics maybe it's something else right maybe it's not ethical hacking but a lot of these core Concepts apply to other fields of cyber security so hopefully you found this video useful if you did please do like the video comment subscribe let me know what other videos you want to see and until next time my name is Heath Adams AKA The Cyber mentor and I do thank you for joining me peace out
Info
Channel: The Cyber Mentor
Views: 61,598
Rating: undefined out of 5
Keywords:
Id: e82g80Kzg4k
Channel Id: undefined
Length: 17min 14sec (1034 seconds)
Published: Mon Jun 12 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.