Ethical hacking in India?!
Hey everyone,
I am still a student and I am really interested in ethical hacking. But i have no clue about where to start because I don’t have such a person with this interest around me.
I just wanted to take inputs from a ethical hacker if any here on GV. I just had a few questions
- where did you start from ?
- how much time did it take to be called considerably learned (because i know for a fact that there is tooooo much to learn) ?
- jobs ?
(This is my first post on GV so excuse me for any mistakes made)
Not an ethical hacker but I’ve got few friends who are cyber security experts so here are a few of my inputs which are based on their experiences:
• No matter what you do, DON’T think about pursuing this career outside of India. All good cyber security roles require some form of security clearance which they don’t give to foreigners.
• There’s not much growth in this field which means there aren’t as many jobs as there are candidates for it. Personally, I’d suggest looking for some other field. Try Prompt engineering?
• Although there are two plus point related to this field. There’s usually not much work load until something goes wrong and it’s possibly very easy to get a wfh setup for this role, but only in India.
Thank you for your inputs :)
@ChaiFanatic This is sheer ignorance. Your friend is either not good at his job or is oblivious of the current opportunities in this field.
@ajcgxd Cyber security is a thriving space. There’s no job role/title of an “ethical hacker”. Cybersec is a huge field and can be broadly classified into 3 areas - offensive security, defensive security, and GRC (governance, risk, and compliance)
Since you specifically asked for the role of an “ethical hacker” I’ll give you my two cents. The professional terminology is Penetration Testers. This role falls under the offensive security category. Their role is to emulate the actions of an actual criminal and break into an application or network to find flaws and loopholes.
Most of the cybersecurity engineers you’ll meet would have started their careers with this role (even I did).
For a beginner, I’d suggest learning about how the internet works (basically what happens when search for a website on browser), the OSI model, how different technologies work (ex SQL, JS, SOP, CORS, etc), linux fundamentals, using the command line, OWASP top 10, HTTP headers and status codes, TCP/IP handshake.
You can start by using platforms like TryHackMe or HackTheBox - these have academies where they’ve defined learning paths based on your competency. This would be a great place to start.
There is no defined timeline to be considered “learned enough”. It all depends on how much time you’re devoting to learning and applying the skills. You can build your credentials through certifications as well (ex OSCP, OSWE, eJPT, etc).
With regards to jobs, cybersecurity has a massive skill shortage. There are plenty of opportunities across various roles. Cybersecurity is a hot field right now, in-line with AI and Data Science.
Also, india has highest no of ethical hackers in the world. Read the reports of Hackerone and Bugcrowd.
Following.