MCSI #001: Learn how to become an ethical hacker and get paid to hack#

Many of you may be aspiring to become an ethical hacker - a job that is both fun, rewarding, and challenging. With the increasing popularity of Bug Bounty Programs, there is an unparalleled amount of work in this field.

Here’s my story of how I got into penetration testing:

  • Starting writing web applications at age 8

  • Discovered hacking at age 12

  • Published 100s of security advisories in vulnerable PHP applications by age 16

  • Worked several freelance jobs as a developer and never got paid

  • Landed my first paid penetration testing job at age 19

  • Generated 200K as a pentester before age 22

This was all before Bug Bounties were established. With the right mindset and training program, it is entirely possible for you to exceed my financial success.

Step 1: Adopt the Hacker Ethic#

People talk about the Hacker Mindset, but I prefer the Hacker Ethic:

“The Hacker Ethic, which instructs you to keep working until your hack tops previous efforts.” Steven Levy, Hackers: Heroes of the Computer Revolution

You must strive to outdo what you have achieved in the past.

To be a successful hacker, it is essential to cultivate a mindset of continuous improvement. This requires dedication, faith in yourself, and hard work.

Step 2: Stay focused and go deep#

One key piece of advice that every penetration tester I know gives beginners is to stay focused and go deep. This is what Nathan Wakelam answered when asked what advice he would give himself if he could go back in time:

../_images/2023-001-nathan-wakelam-quote.png

Many of you aren’t focused enough. You get distracted by new shiny ideas, tools, platforms, and certifications. You don’t go deep enough on anything.

If you want to improve your cyber skills and be successful in the field of penetration testing, here’s some advice I recommend you follow in 2023:

  1. Learn system administration (both Windows and Linux)

  2. Enhance your knowledge and learn how vulnerabilities work at a code-level by coding vulnerable applications

  3. Augment your online research competencies with OSINT skills

Mastering the fundamentals that apply to all cyber domains is a sure way to succeed!

Step 3: Focus on competencies, not certifications#

Certifications do not help unemployed people obtain jobs, according to 61% of them.

../_images/2023-001-NIST-NICE.png

Too many of you are fixated on collecting certifications; however, employers are really looking for competencies!

Your capacity to generate revenue is closely related to the problems you can solve.

Companies pay people to solve problems, not to have certificates.

Your objective for 2023 should be to gain skills that are worth paying for.

How can I help you?#

Get trained#

MCSI is committed to equipping students with the skills and knowledge needed to secure high-paying jobs in the field of cybersecurity.

Through our MSAF and MOIS courses, you can master the fundamentals, while our platform helps you build a portfolio that you can use to demonstrate your expertise to potential employers.

If you wish to gain advanced skills and be ready for penetration testing, our MPT certification is perfect for you. Every exercise simulates real-world tasks, allowing you to develop a portfolio of completed projects to demonstrate your capabilities in finding vulnerabilities in applications and networks.

Benjamin Mossé

Subscribe to our newsletter#

Are you looking to learn cyber security, land a job, or improve your current skills? MCSI’s newsletter is the perfect resource for you. Our newsletter is dedicated to helping students stay up to date on the latest news and trends in the cyber security industry. We provide helpful tips and tricks on how to land jobs, as well as insights into how to improve your skills. Don’t miss out - subscribe to our newsletter today and start taking advantage of all the benefits it has to offer!