4 answers
4 answers
Updated
Allen’s Answer
Knowing a scripting language like Python or Powershell is a great place to start to get into pentesting and ethical hacking, but it will not come close to being enough. I do not mean this to discourage you though! Programming will allow you to make custom tools and exploits, but in order to get to the point of being able to program for this purpose, you will have to learn a lot about cyber security and the domains you would like to focus on (web, systems, reversing, etc.). For this you will need a lot of Cyber Security training of some kind. I personally got a bachelor's degree in Cyber Security and this taught me all of a computer science degree plus the security aspects of everything as well. For instance, I would take a Networks class then a Networks Security class after. If you don't want college, there are some really good cyber security "boot camps" that will get you into the field as well.
In addition to this, you will most likely also want certifications if you intend to ethically hack on your own (or for an organization even). These certifications start with simple ones like Security+ and Certified Ethical Hacker, but range up to GXPN, OSCP, and more. These higher certs cost about the same as a cheap car.
In summary, computer science principles like programming is fundamental to being a good pentester, but you will need to become intimately familiar with both the systems, and the security implications that come with them in order to exploit potential vulnerabilities, or to even find them in the first place. Hope this is helpful.
In addition to this, you will most likely also want certifications if you intend to ethically hack on your own (or for an organization even). These certifications start with simple ones like Security+ and Certified Ethical Hacker, but range up to GXPN, OSCP, and more. These higher certs cost about the same as a cheap car.
In summary, computer science principles like programming is fundamental to being a good pentester, but you will need to become intimately familiar with both the systems, and the security implications that come with them in order to exploit potential vulnerabilities, or to even find them in the first place. Hope this is helpful.
Updated
Adam’s Answer
Ethical hacking requires that you know the fundamentals of different disciplines. I would suggest having an understanding of coding, security ( security+ ) networking, and systems ( linux, windows )
Updated
Fred’s Answer
The more you know, the better equipped you are. For example, if you don't understand network protocols, then you're going to have a hard time understanding an attack that exploits their flaws (if you are on a blue-team), or you will be unable to craft an attack using them (if you are on a red team).
A class or two on ethics would be worthwhile. Is it ethical to hack a private website if your intention is to find flaws and point them out to the website's owner? Is it ethical to create a worm that patches flaws in an OS, to stop other hackers?
And I am a firm believer in getting a broad education across many areas. I have been working professionally in IT for over 20 years, but my only degree is a B.A. in theatre. I've taken many CS classes, but also classes in business, leadership, and management. I ready websites, blogs, and journal articles. I watch videos on topics of interest - CS, maths, education, whatever. All of these classes help me in my day-to-day role.
So...do you HAVE to take more classes? probably not. SHOULD you? 100% yes.
A class or two on ethics would be worthwhile. Is it ethical to hack a private website if your intention is to find flaws and point them out to the website's owner? Is it ethical to create a worm that patches flaws in an OS, to stop other hackers?
And I am a firm believer in getting a broad education across many areas. I have been working professionally in IT for over 20 years, but my only degree is a B.A. in theatre. I've taken many CS classes, but also classes in business, leadership, and management. I ready websites, blogs, and journal articles. I watch videos on topics of interest - CS, maths, education, whatever. All of these classes help me in my day-to-day role.
So...do you HAVE to take more classes? probably not. SHOULD you? 100% yes.
Updated
Asim’s Answer
I fully agree with Allen's guidance. If you are interested in Ethical Hacking, go for it. However, covering your basics with Software Architecture, Vulnerabilities with software coding, and some Network weaknesses that can be exploited can give you advantage and speed you may need in this area to make a difference compared to others in this field.
Good Luck!
Good Luck!