Becoming an Ethical Hacker

July 27, 2023 By Ryan Tucker- OnDefend Senior Tradecraft Engineer – OSCP CRTO

We get this question a lot – how does someone become an ethical hacker?  Let’s start by saying that almost everyone has a different story but here’s our advice on some good places to start.

First, cybersecurity in general is a field that rewards actual hands-on experience as much as anything else.  You’ll need to bring along your curiosity and your determination (the path to success is paved with failures you’ll learn from) and relax in the realization that you are going to be constantly learning.

Two major paths exist:

  1.  Formal education and training
  2.  Hands-on challenges.

These two paths play an important role in how you will capitalize on the knowledge and expertise you are going to gain.

Most formalized training paths involve certifications.  There is a wide spectrum of cybersecurity certifications.  Some are well-established ones that have been around for a longer amount of time, and they may have differing levels of respect between technical practitioners and hiring managers.  New certification and training programs pop up frequently, and while they may not be as well-known they frequently offer more contemporary and practical content. Your own selected path is likely to be managing a balance between the value of a recognized certifications and the benefits of up-to-date, actionable knowledge.

Some certifications can provide a significant advantage during job applications. They act as credentials that can help an applicant stand out to hiring managers and secure interviews, making them a valuable addition to a resume.  In fact, often these certifications are used to filter resumes before a hiring manager even sees them.

It’s a cliché, but like many cliches there’s truth to it – you can pass lots of certification tests and still not be able to do the actual work.  There’s no better way to learn how to do the actual work then to do the actual work!  One of the best ways to begin building your skills is to participate in Capture the Flag (CTF) competitions and experiences. These CTFs are essentially puzzles requiring you to learn and apply specific techniques in order to achieve the outcome.  Most CTFs also include a training guide on how to complete the challenges (once the competition is over of course) so that you can see how the creators thought the challenges could be solved.

One of the challenges in the cybersecurity industry is the often-heard phrase, “you need experience to get experience”. Companies prefer to hire those with proven experience, creating a challenging situation for newcomers. By earning certifications and participating in practical exercises like CTFs, one can gain a semblance of ‘real world’ experience, making them more attractive to potential employers.

Here is a list of certification and training:

Non-certificate training/Capture the flags

  • Hackthebox Academy– Hackthebox is a fantastic CTF platform which  came out with an academy section that walks new professionals through the modern tools and techniques used in vulnerable labs and networks. If you are already familiar with the tools and techniques of the trade, there are other learning paths, Pro Labs or regular HackTheBox CTFs to test your skills.
  • Tryhackme– Tryhackme is another CTF like platform that has content divided into much smaller chunks for easier consumption. They have a number of different “learning paths” to tailor the skills and content towards a specific direction.
  • OWASP Juice Shop – An intentionally vulnerable web application that let’s you learn and hack a webapp written in Node.js


  • CompTIA Net+– Intro to all things networking
  • Sec+– Intro to all thing security
  • CEH– Intro to the field of ethical hacking with a theoretical tighter focus on attacking systems
  • eJPT– One of the first “hands on” certs recommended a new person. It starts to focus on the Pentest side and how engagements are run
  • PTP– The more “advanced” version of the eJPT, this course work broadens the knowledge from the eJPT in hands on environment
  • OSCP/PWK/PEN-200– It goes by a handful of names now, but the OSCP certification is usually the hiring baseline for pentester/offsec engineer roles

These are just a fraction of the training and certifications available in the cybersecurity space but are the ones usually in reach for people just getting started.

About OnDefend:

OnDefend, established in 2016, stands at the forefront of preventative cybersecurity testing and advisory services, a reputation further enhanced by the introduction of its advanced Breach and Attack Simulation (BAS) Software as a Service (SaaS) platform, BlindSPOT. OnDefend is a trusted partner, empowering organizations globally to proactively combat real-world threats. From ensuring compliance with industry standards to building out mature security programs our mission is to ensure that the security resources our customers invest in are well-utilized, effective, and provide tangible results. For more information about their services and solutions, please visit


Connect with Us to Stay in Touch