the CHEAPEST path to becoming an ethical hacker
Summary
TLDRIn this informative video, The Cyber Mentor, Heath Adams, guides viewers on the most cost-effective path to becoming an ethical hacker. He introduces free or low-cost resources, including certifications, workshops, and online courses, covering essential skills from basic computer knowledge to advanced hacking techniques. Adams emphasizes the importance of understanding networking, security, Linux, coding, and ethical hacking concepts, recommending specific platforms and courses to build a strong foundation in cybersecurity.
Takeaways
- 💻 The video aims to outline the most cost-effective path to becoming an ethical hacker, focusing on free resources or those under $30.
- 🎓 It emphasizes the importance of foundational computer knowledge, equivalent to the CompTIA A+ certification, for understanding computer parts and basic troubleshooting.
- 🌐 Computer networking knowledge is crucial, including understanding the OSI model, port services, and concepts like CIDR notation and the three-way handshake.
- 🔒 The CompTIA Security Plus certification is recommended for building upon networking knowledge with a focus on security, often referred to as 'Network Plus Plus'.
- 🐧 Linux knowledge is essential, particularly with Kali Linux, and the speaker suggests immersing oneself in the Linux environment to effectively learn.
- 🐍 Coding skills, particularly Python, are necessary for ethical hackers to understand and analyze code, though not necessarily to become a developer.
- 👨🏫 Professor Messer and Mike Myers are highlighted as valuable resources for learning CompTIA certifications, with their content often being free or affordable.
- 🎮 Interactive learning platforms like TryHackMe and Hack The Box provide practical, gamified experience in ethical hacking.
- 🛠️ The video promotes the idea that ethical hacking is about finding and reporting vulnerabilities ethically, not causing chaos.
- 📈 The speaker suggests a roadmap from basic computer knowledge to advanced hacking skills, including active directory hacking and web application pen testing.
- 📝 The importance of understanding the OWASP Top 10 vulnerabilities for web application pen testing is stressed, as this knowledge is often tested in interviews.
Q & A
What is the main focus of the video?
-The video focuses on providing a roadmap to becoming an ethical hacker using free or inexpensive resources.
Why is the video about ethical hacking being made?
-The video is made to show how to become an ethical hacker affordably, using resources that are either free or cost no more than $30.
What misconception about ethical hacking does the speaker address?
-The speaker addresses the misconception that ethical hacking is about breaking into systems and causing chaos, when in reality, it is about finding vulnerabilities and reporting them responsibly.
What is the first foundational skill mentioned in the roadmap?
-The first foundational skill mentioned is basic computer knowledge, equivalent to the CompTIA A+ certification.
What resources are recommended for learning basic computer knowledge?
-Professor Messer’s free videos and Mike Myers’ courses on Udemy, which can often be found at discounted rates, are recommended for learning basic computer knowledge.
What is the importance of computer networking knowledge for ethical hackers?
-Computer networking knowledge is crucial because many ethical hacking activities involve understanding and exploiting networks.
What resources are suggested for learning computer networking?
-Professor Messer's free materials, Mike Myers’ courses on Udemy, and Cisco Packet Tracer are suggested resources for learning computer networking.
What is the 'CompTIA Triad' mentioned in the video?
-The 'CompTIA Triad' refers to the combination of A+, Network+, and Security+ certifications, which provide a solid foundation in IT and cybersecurity.
Why is Linux knowledge important for ethical hackers?
-Linux knowledge is important because many ethical hacking tools and environments, like Kali Linux, are based on Linux, and understanding how to use and navigate Linux is essential for ethical hackers.
What are some resources mentioned for learning Linux?
-Resources mentioned for learning Linux include Linux Journey, OverTheWire’s Bandit game, and TCM Security Academy’s Linux 101 course.
Is advanced coding knowledge necessary to become an ethical hacker?
-No, advanced coding knowledge is not necessary, but being able to read and understand code, especially Python, is important for ethical hacking.
What free resources are recommended for learning Python?
-FreeCodeCamp and Codeacademy, which offers a seven-day free trial, are recommended for learning Python.
What are the two platforms mentioned for practicing ethical hacking skills?
-TryHackMe and Hack The Box are mentioned as platforms for practicing ethical hacking skills through Capture the Flag-style challenges.
What is emphasized about learning ethical hacking in the video?
-It is emphasized that learning ethical hacking involves starting with foundational knowledge and progressing through practical hands-on experience, using mostly free or inexpensive resources.
What specific types of hacking knowledge are considered advanced?
-Advanced hacking knowledge includes skills like Active Directory hacking and web application penetration testing.
What resource is highly recommended for learning web application penetration testing?
-PortSwigger Academy, which offers free modules and hands-on exercises, is highly recommended for learning web application penetration testing.
What is the OWASP Top 10, and why is it important?
-The OWASP Top 10 is a list of the ten most critical web application security risks, and it is important because understanding these vulnerabilities is crucial for web application penetration testing.
What is the speaker's advice for anyone interested in becoming an ethical hacker?
-The speaker advises starting with free training to see if ethical hacking interests you and to build foundational knowledge that can be applied in various cybersecurity roles.
Outlines
🛡️ Introduction to Ethical Hacking on a Budget
The host introduces the video focused on the cheapest path to becoming an ethical hacker, highlighting that all resources mentioned are either free or under $30. The video aims to cover essential skills and resources necessary for becoming an ethical hacker, and it includes a brief mention of the sponsor's ethical hacking workshop.
🔍 Sneak's Ethical Hacking Workshop
The host discusses the misconception that ethical hacking is about causing chaos, explaining that it's about finding and reporting vulnerabilities ethically. Sneak is offering a free Ethical Hacking 101 workshop on June 21st, covering tools, proactive identification, and fixing of security vulnerabilities, as well as responsible disclosure. Registration details are provided.
💻 Basic Computer Knowledge
The host emphasizes the importance of basic computer knowledge, equating it to the CompTIA A+ certification. This foundational knowledge includes building and fixing computers and understanding basic components. Recommended resources include free videos from Professor Messer and affordable courses from Mike Myers on Udemy.
🌐 Computer Networking Knowledge
Understanding computer networking is crucial for ethical hacking. The host outlines essential networking concepts like the OSI model, port services, and network protocols. Recommended resources include Professor Messer's free videos, Mike Myers' courses, and the Cisco Packet Tracer for practical networking experience.
🔐 Cybersecurity Knowledge
The host explains the importance of cybersecurity knowledge, specifically the CompTIA Security+ certification. This knowledge builds on basic computer and networking concepts, focusing on security principles. Recommended resources are again Professor Messer and Mike Myers, with an emphasis on understanding various security protocols and their applications.
🐧 Linux Knowledge
Linux knowledge is essential for ethical hacking, with Kali Linux being a popular choice. The host advises immersing oneself in Linux by using it as the main operating system. Recommended resources include Linux Journey, Over The Wire's Bandit challenges, and TCM Security Academy's Linux 101 course.
💻 Coding Knowledge
Basic coding skills, particularly in Python, are necessary for ethical hacking. The host reassures that one doesn't need to be a developer but should understand code to ensure it's safe. Recommended resources include Free Code Camp, Code Academy, Team Treehouse, and TCM Security's Python courses.
🔓 Basic Hacking Knowledge
For basic hacking knowledge, the host recommends starting with free or affordable courses that cover foundational concepts. Resources include TCM Security's free YouTube course on practical ethical hacking, Try Hack Me, and Hack The Box for hands-on practice with capture-the-flag style challenges.
🖥️ Advanced Hacking Knowledge
Advanced hacking knowledge involves understanding Active Directory and web application penetration testing. The host highlights the importance of these skills for junior ethical hackers. Recommended resources include TCM Security's advanced courses, PortSwigger Academy for web application testing, and understanding the OWASP Top 10 vulnerabilities.
🚀 Final Tips and Encouragement
The host summarizes the path to becoming an ethical hacker, emphasizing the importance of foundational knowledge and continuous learning. They encourage viewers to explore different areas of cybersecurity if ethical hacking doesn't suit them and reiterate the availability of many free and affordable resources. The video ends with a call to action to like, comment, and subscribe.
Mindmap
Keywords
💡Ethical Hacking
💡CompTIA A+
💡OSI Model
💡Port 22
💡CompTIA Network+
💡CompTIA Security+
💡Kali Linux
💡Python
💡TryHackMe
💡Hack The Box
💡OAST Top 10
Highlights
The video offers a guide on the cheapest path to becoming an ethical hacker with resources under $30.
Sponsor's word introduces a free ethical hacking workshop by 'sneak' on June 21st.
Ethical hacking is about finding vulnerabilities before bad actors and reporting them responsibly.
Basic computer knowledge is essential, equivalent to CompTIA A+ certification.
Professor Messer and Mike Myers are recommended for free or cheap CompTIA A+ training.
Understanding the OSI model and networking basics is crucial for ethical hackers.
Resources like Cisco Packet Tracer are recommended for hands-on networking practice.
CompTIA Security Plus builds on networking knowledge with a focus on security.
Linux knowledge is vital, with Kali Linux being a common tool in ethical hacking.
Linux Journey and Over The Wire provide free resources for learning Linux.
Coding skills, particularly Python, are necessary for reading and understanding code in ethical hacking.
Free resources like Free Code Camp and Codecademy are available for learning Python.
Basic hacking knowledge is covered in free courses on YouTube, such as the Practical Ethical Hacking series.
TryHackMe and Hack The Box offer free, gamified learning experiences in ethical hacking.
Advanced hacking knowledge includes active directory hacking and web application pen testing.
PortSwigger Academy provides free, comprehensive web application pen testing training.
Understanding the OWASP Top 10 vulnerabilities is essential for web application security.
The video emphasizes the importance of foundational knowledge across various cybersecurity fields.
The Cyber Mentor, Heath Adams, encourages viewers to take advantage of free training to explore ethical hacking.
Transcripts
what's up YouTube TCM here back with
another video and today we're going to
be talking about the cheapest path you
can take to become an ethical hacker
everything you're going to see in this
video is either going to be a free
resource or a resource that is no more
than 30 dollars total I've got lots of
resources to show you we're going to
take you from zero to here we're going
to talk about all the skills that you
need and the resources that are out
there in order to make you successful as
an ethical hacker now we're going to
take a quick word from our sponsor which
you should honestly watch because it's
about ethical hacking and another free
resource to get into ethical hacking
which is the reason why we're doing this
whole video today so if you like the
video like subscribe comment down below
all that fun stuff quick word from our
sponsor then we're going to jump into
all these amazing resources to get into
ethical hacking on the cheap if you're
familiar with my channel you know that
this channel is primarily about ethical
hacking and a lot of the newcomers that
come to the channel think that ethical
hacking is about just breaking into
systems and causing as much chaos as you
can and in reality that's not the truth
of it what we're trying to do is we're
trying to find vulnerabilities before
the bad people do and Report those to
clients ethically if you're one of those
people that are new to ethical hacking
and you're looking to get started sneak
is offering and ethical hacking 101
workshop on June 21st not only will you
get to learn about the tools and
resources to use to get started but
you'll also learn about how to
proactively identify and fix security
vulnerabilities such as prototype
pollution or path traversal before they
can actually be exploited and perhaps
most importantly you're going to get to
walk through the process of responsible
disclosure how do you actually disclose
findings to somebody that means you're
going to be able to identify and find
vulnerabilities but you're also going to
be able to know what to do if you come
across one the sneak team will be
helping you every step of the way
offering Live support and walkthroughs
so join sneak's ethical hacking 101
workshop and June 21st at 11 A.M eastern
daylight time it's free it's virtual and
you can register using my link in the
description below or as seen on the
screen here okay so let's talk about
this road map this roadmap is going to
be from Zero to Hero you need to figure
out where you're at on this roadmap and
place yourself there to move forward
we're going to start with the very
Basics and move down so we'll start at
the top of the list and as we progress
further things get a little bit more
complex so first things first you need
to have basic computer knowledge this is
the equivalent to the CompTIA a plus
certification any certification I name
in this video by the way you do not need
to get though it can be helpful so what
does basic computer knowledge look like
well this means hey can you build a
computer can you fix a computer can you
identify it by its parts if the answer
is no you probably need some training in
this now this type of knowledge is what
is considered help desk level knowledge
meaning that if you did get this
knowledge you could go work on a help
desk and answer tickets solve problems
for clients or customers now I'm all
about cheap or free resources so
Professor Messer or Mike Myers for all
the Tia that I'm going to show you is
highly recommended for Professor Messer
there are a ton of videos there I do
find them a little bit dry but hey it's
free you can't pass that up for CompTIA
there are two sections there's a 101 and
a 102 that you need to pass first
section here does cover all the basics
hey what's a mobile device what's
networking what are these basics of
computers and then in section two we
start to cover a operating systems how
do we actually fix some of this stuff
and we get into the Hands-On break fix
items which is pretty nice now again
Professor Messer is free Mike Myers is
cheap if you go to udemy and I'll link
all these in the description below by
the way but if you go to udemy you'll
see that's 94.99 that's not true udemy
always runs deals hey courses from 14.99
you can enroll and get this for 14.99
when you're looking at udemy courses for
any course if they have a rating of 4.7
or better that's usually my threshold
4.6 maybe the cut off you kind of want
the higher ratings now Mike Myers is a
great teacher nothing against Professor
Messer it's great and he's free it's
just a little dry Mike Myers explains it
in a explain like I'm five type way and
I've always appreciated that about him
all right moving down the list we've got
computer networking knowledge so when we
talk about computer networking can you
tell me what the OSI model is do you
know what service runs on Port 22 can
you tell me what cider notation is or
can you describe a three-way handshake
if you thought the last item was a dirty
joke you do not know what computer
networking is and that's all right
because guess what there's training out
there in terms of resources this is
going to build you up for what is called
the network plus now Network plus
certification could land you a job as a
junior network engineer this is a
certification that I got along with the
a plus and the Security Plus which we'll
talk about here in just a second and
this exam only has one exam unlike the a
plus which had two exams so you come
through here it teaches you everything
you need to know about computer network
working again Professor Messer free Mike
Myers up here not free but still great
and then there's also Cisco Packet
Tracer which allows you to download and
play with fake networks you can build
out your own networks it's actually
really cool and they have training for
it highly recommend checking this out
and getting your computer networking
skills built up you're gonna need these
if you ever become an ethical hacker
because a lot of things that we do do
revolve around networks and hacking
networks so please do not skip over the
networking knowledge all right next up
is the security knowledge or the cyber
security knowledge we're talking about
the CompTIA Security Plus here and if
you get all three of these
certifications this is what's called the
Triad this is what I did and again you
need to know this knowledge but we start
layering on from what we learned before
I like to think of the Security Plus as
the network plus plus it takes a lot of
Concepts from networking and then layer
Security on top of them so do you know
why telnet is insecure same question
here but do you know what the difference
between Port 20 21 in Port 22 is what
about Port 80 and 4043 do you know the
difference between TLS and SSL which
one's better which one's newer more
modern if you don't know that that's
okay you just need to learn this before
you try to jump into the deep end for
ethical hacking this is building on that
ladder and you need this to get to the
next step again great resources out
there I'm sure you guessed it for this
one again it's Mike Myers and is
Professor Messer you can't go wrong with
either of these people for your training
now it sounds repetitive but these guys
dominate the a plus net plus Security
Plus the CompTIA Triad Market all right
so we're going to get into different
training vendors here but again you
cannot go wrong with either of these
courses and there's just one exam for
Security Plus okay next up is Linux
knowledge now we use Linux in ethical
hacking quite a bit in fact you're going
to be very well versed in something
called Kali Linux most likely there's
also other distributions of Linux
regardless you're going to need to know
how to use Linux now Linux to me is like
learning a foreign language you can go
and study it all you want and I'm going
to provide resources but you can study
and only learn a little bit or you can
immerse yourself in the environment so
if you're learning a foreign language
going to another country and trying to
learn their language and speak the
language with them is a lot better than
just doing Duolingo or some other app
and just saying hey I know the language
same thing with Linux you want to
immerse yourself in the environment
download Linux use it as your main
operating system for a week and just see
the results that you get out of it when
you have to struggle a little bit to
learn your way around things now how can
we learn Linux here's some great
resources again we're sticking with free
or very cheap Linux journey is great you
can come in here and just hey what
happens if I want to get started command
line all these things you just click on
one and it takes you through all this it
gives you exercises Linux journey is
fantastic if you want some more practice
there's something called Over The Wire
now they have different War Games Bandit
is one that's made for beginners for
Linux you you can come in here it gives
you different challenges hey level zero
level one and kind of teaches you along
the way what you need to do to solve
these problems and even gives you some
hints you can look these up and find out
Solutions and that way you can kind of
game the system a little bit and learn
along the way which is great and then of
course full disclosure this is one of
our courses but we do have a Linux 101
at TCM Security Academy where it covers
all of this stuff as well it has five
and a half hours now Linux is very
popular you can go out there and learn
Debian based Linux and just pick it up
you can actually honestly just learn it
from YouTube or anywhere else if you
just pick it up immerse yourself you're
going to be great but you need to know
Linux in order to be successful in this
field okay next up is coding and do not
let this scare you you do not need to be
a developer by any means to have a
successful career in cyber security or
ethical hacking if you go out and you
get a computer science degree or you
have a development background good job a
plus to you it helps a lot however if
you are going to be an ethical hacker
you do need to be able to read code that
is because we often download code from
the internet and we do run that against
systems you need to understand what that
code does and make sure it's not
malicious or going to take down a system
so in order to do that we have to be
able to read you do not need to be a
developer to be successful let's take a
look at some of the resources that are
available to learn coding okay now for
coding I do recommend starting with
python it's a very easy language to pick
up and be able to read and it's a great
first language so much so that colleges
are all switching to python for their
introductory coding courses and it just
helps ease you into it so First Resource
is free code cam fantastic you can come
here and just search for like python big
caveat here is make sure that you are
learning Python 3 if you see anything
that says python 2 you want to make sure
that you are not doing that because that
is now deprecated alright so it shows
you the dates that these came through
like hey Learn Python from Harvard
University that's awesome there are full
python courses on on here you might have
to do a little bit of digging this is
arranged by date so you may have to just
search a little bit on free codecamp but
it's fantastic other resources that are
paid code academy is great they have a
ton of python resources in here and it
allows you to actually just type into
the code onto the screen here in the web
browser and utilize it that way you
don't have to download python or
anything also fantastic they've got a
lot of resources here you can do a seven
day free trial without using your credit
card which is fantastic so also worth
signing up for I think the pricing
overall is around thirty dollars a month
same with Team Treehouse fantastic it's
free for seven days I do think you need
to actually use a credit card here is 25
a month afterwards but they have so many
different courses and tracks and even
like degree plans that they have in here
it's great it's high quality I think
it's better than codecademy because they
do teach you video bass but you can try
both of these for free and see which
ones you like
again a little bit of self-promotion we
do have python courses geared towards
ethical hacking python 101 is a great
resource teaches you all the basics and
then you can move into python 201 and
get more advanced as you go so just
depending on the platform your budget
everything else all these are 30 or less
and fantastic resources for your coding
knowledge okay we got all the
foundationals down we can start moving
into actually learning ethical hacking
so let's start with basic hacking
knowledge we need to understand the
concepts and just start getting our feet
wet a little bit when it comes to
ethical hacking let's look at some
resources available for that all right
first and foremost again a little bit of
self-promotion this is a hundred percent
free by the way we have a couple
different versions of our ethical
hacking course on YouTube so this is
practical ethical hacking in 15 hours
this is the most recent this will teach
you a lot of the basics everything you
actually need for your basic knowledge
before you start getting into advanced
items and we'll talk about Advanced
hacking in just a little bit but this is
is hey what do I need for the
foundational groundwork now this is a
great course it's broken into two
sections due to upload limitations but
it's fantastic this is a branch off of
the 2022 version which has almost 4
million views just to let you know the
quality that goes behind this what goes
into this is actually the first half of
our course we have a 25 plus I think
it's actually up to 27 hours now of
ethical hacking course and again no more
than thirty dollars for this you go in
and you can see all the things that you
learn and this actually does get into
advanced hacking more so than just basic
hacking so we've got hey again here what
do you do for computer networking what
do you do with Linux what do you do with
python we cover a lot of that
introductory stuff and then we get into
ethical hacking we get into a lot of
this stuff here in order to get through
this and then we get into active
directory hacking and web application
hacking and if all this sounds foreign
that's okay but there's a lot of
resources available to you and this is
the type of course that you need in
order to get into the field and type of
foundations that you need in order to
get into the field of work now there are
some other resources that are free or
very cheap uh try hack me is my favorite
out of the two uh try Hackney is great
it is free to join they do limit you in
some of the rooms that you can do but
basically it's like a capture the flag
style though with some handheld learning
it kind of walks you through and says
hey here's your mission go find this
flag or go figure this out and it's
fantastic so
um I think that try hack me is fantastic
another resource like this is hack the
Box both of these are free to use and
then have some premium upgrades involved
with them a lot of it is CTF style
meaning Capture the Flag it's not as
practical but it still allows you to get
Hands-On keyboard it's a little bit
gamified and allows you to just get some
practice and experience and I think
they're great learning resources if I
had to give you one try hack me is great
A hack the box is still not too far
behind in my opinion okay we've built up
to the this which is Advanced hacking
knowledge what do we do above and beyond
the basics that we've already learned
well there's a few things we want to
learn what's called active directory
hacking we want to learn web application
pen testing and we want to kind of tie
those together those are some of the
expectations you'll need as a junior
level ethical hacker more so on the
active directory side than the web
application side but you will still need
to know the web application side of
things let's talk about resources there
as well all right so the active
directory stuff I think honestly without
bias our course covers that better than
any course that's out there right now so
I would highly recommend taking that
course in order to learn active
directory you can find a lot of
information out there from blogs like
this one's from 2018 and it's actually
surprising how a lot of the basics for
active directory still work like this
lmnr attack is still very very common
really attacks very common So reading
blogs like this is fantastic as well you
need to pick up active directory
knowledge if you're going to be
successful as an ethical hacker moving
on to to web application pen testing
this is very important so it's a
fantastic resource called portswiger
Academy and this Academy is a hundred
percent free it teaches you all kinds of
attacks through these different modules
and it even guides you through them and
if you do want to go through all this
you can end up actually taking an exam
if you wanted to as well it's fantastic
and again like it says 100 free I don't
think there's a better web application
resource out there and that's from
somebody that teaches web application
pen testing this is just fantastic for
Hands-On material here another thing for
web app pen testing that you need to
know is that the OAS top 10 is out there
it exists and you should learn it so OAS
top 10 is the top 10 most common
vulnerabilities no it is the top 10 most
critical vulnerabilities that are out
there so when we do these by security
risk you look at this there was 2017
list there's a 2021 list and there's
going to be a new list coming out very
soon and it talks about hey what is
broken access control that's number one
okay number three is injection what is
that that mean you can click into these
how do I fix this you will be quizzed on
this multiple times I'm sure during
interviews so make sure you understand
this what they mean how to prevent it
those kinds of things because it will
come up in your interview okay so that
is a quick rundown of all the things
that you need to do to study for this
we're not getting into certifications or
any of that stuff you just need to put
in the work and study the foundations
all the way through hacking and you can
worry about the rest on your journey
later this is what you need in the
resources that are out there and that
you can do all of which I showed you
today for under thirty dollars you
cannot complain about that most of these
resources are free it's fantastic go out
there if you want to be an ethical
hacker jump into some of this free
training see if you like it get your
foundational knowledge and just boost it
up at worst You Come Away with some more
knowledge you may want to get into cyber
security down the road somewhere else
maybe it's not ethical hacking maybe
it's blue team maybe it's incident
response maybe it's forensics maybe it's
something else right maybe it's not
ethical hacking but a lot of these core
Concepts apply to other fields of cyber
security so hopefully you found this
video useful if you did please do like
the video comment subscribe let me know
what other videos you want to see and
until next time my name is Heath Adams
AKA The Cyber mentor and I do thank you
for joining me peace out
Browse More Related Video
5 Best HACKING Books for HACKERS - 2024 Full Guide
Introduction to Cryptography and Network Security
Ethical Hackers Roadmap 2022 With Free Resources Hindi | How to become a Ethical Hacker | Career.
Underrated Ethical Hacking Certs (Better than OSCP)
Complete CyberSecurity Roadmap 2024 (Beginner's Guide)
Hacking course and tutorial in bangla | Ethical Hacking Guideline and Roadmap | Hacking course 🔥
5.0 / 5 (0 votes)