krypton logo as loader
Be Patient!

Ethical Hacking for beginners: A step by step guide to cybersecurity

Discover the world of cybersecurity and ethical hacking, what things are there and how to get started with this ever-evolving field.
Ethical Hacking for beginners: A step by step guide
Image by Freepik

Ethical Hacking is an act of finding the loopholes, vulnerabilities, attempt to gain unauthorised access in a system, application or a device in an authorised manner.

As per the definition, Ethical Hacking is about responsibly exploring electronic devices. Our world is digital, with everything from cars and computers to Smart TVs and homes connected to the internet. We're in the digital era, often called the Internet Age. Our lives are interconnected, sharing and receiving information online.

With great power comes great responsibility. A misstep can lead to serious consequences – invading privacy, emptying bank accounts, and even criminal charges. That's why understanding cyber security is essential: to counter malicious hacking, protect our systems, and create a secure online environment.

The realm of ethical hacking and cybersecurity is vast and includes specialized fields:

To begin your journey, grasp the basics of Linux (operating systems, file systems), command-line interface (CLI), a programming language (preferably Python or any other scripting language), ciphers, and cryptography.

This beginner's guide breaks down each topic, providing resource links for self-learning and hands-on practice.

Digital forensics

Digital forensics involves recovering, analyzing, and examining digital device contents, such as mobile phones, hard disks, and memory cards. It plays a vital role in criminal investigations, providing essential evidence for court proceedings.

Digital forensics plays an important role in investing criminal cases and nowadays has become a crucial part of criminal investigation. The devices found at the crime scene are transferred to the digital forensics department for recovering the data, this information is vital for the court proceedings and is used as evidence. These pieces of evidence are crucial for investigations.

A career in digital forensics offers lucrative job opportunities, with salaries ranging from 5L to 20L minimum in India. To excel in this field, you need:

  • Attention to detail
  • in-depth knowledge of computer hardware/software
  • Knowledge of various technologies
  • Networking concepts
  • Cyber-security concepts
  • Ready to learn new tools/skills

Reverse Engineering

Reverse engineering is a process of understanding how a device or a system is constructed by means of software as well as hardware. It is a way of identifying the internals of a system and backtracking to recreate it, by analyzing its processes or flow. It’s also known as backward engineering or back engineering. Furthermore, it enables us to find out how a system or a particular device works so that we can create an updated or improved version of it, use our own system to fill the necessary gaps or create a modified system with the functionality to work for our intended task.

In the cyber-security world, reverse engineering is used to analyze malware or viruses and to find out how they work. It is often used to create the tools to patch the damage caused by the malware or neutralize the malware. It’s also used to find vulnerabilities in software/apps.

Proficiency in reverse engineering requires:

  • Proficiency with debugging tools
  • Understanding of Operating systems, CPU architecture and platforms
  • Familiarity of tools like hex editors, disassemblers, debuggers and compilers
  • Programming language as well as understanding of assembly language is a must
  • Understanding of executable file formats, their basics
  • concepts like obfuscation

Binary Exploitation

Binary exploitation is an act of using the security loopholes/vulnerabilities in a software or system to manipulate the software to perform unauthorized actions or that are not normally allowed for the specific user/role. Binary exploitation is used to manipulate the software to perform actions it was not designed to do. These loopholes are used to take control of the system and acquire the shell/perform unauthorized activities.

Mastery of binary exploitation requires:

  • Familiarity with Linux operating systems and command-line interfaces
  • Understanding of Programs/Softwares, Operating systems
  • Understanding of CPU Registers, CPU architecture
  • Knowledge of a scripting language or C
  • Understanding of tools like hex dump, hex editors, file command, strings command

Website hacking

Website hacking is an act of manipulating or accessing the contents of a website in an unauthorized manner. Website hacking is used to access credentials, and sensitive information of a website and its users, or to stop/block its services of it. It also involves changing the contents of the website and acting on behalf of the users.

Website hacking is commonly done by XSS or cross-site scripting, SQL Injection, Brute Force attacks, Hacking admin panels, Dictionary attacks, Denial of service attacks and more.

For website hacking, the following skills are essential.

  • Understanding of web technologies
  • Knowledge of various databases and their types
  • Proficiency in Linux CLI
  • Social Engineering skills
  • Scripting language knowledge
  • Networking concepts
  • Web servers
  • TCP/UPD protocols, ports

Penetration testing

Penetration testing are the activities performed to find out the security vulnerabilities in software/systems and exploit them, penetration testing is performed by ethical hackers and these are authorized cyberattacks on the system to find out the weak points in the system to prevent the loss that may happen by the actual attacks, it is also called as pentest in short.

Penetration testing is useful for assessing the security of an organization, penetration testers use the same tools, techniques and processes as that of an attacker, thus to find out the weaknesses in the system, and performing pen tests helps reduce the risk of data breach from exploiting these vulnerabilities and validate system security.

To excel in this field, you need:

  • Networking skills
  • Proficiency in Linux and CLI
  • Knowledge of wireless networks
  • Understanding of system administration
  • Familiarity with network services, protocols, and types
  • Knowledge of Active Directory
  • Strong Attention to detail


Cryptography is the branch of cyber-security that deals with hiding or converting information so that no unauthorized person can read it. It is a way of securing sensitive information using a set of mathematical rules, and formulae to convert the information in a format that only the intended receiver can retrieve the original contents of the information.

Cryptography is used while storing and transmitting information in a secure communication system, so that no third party, unauthorized user can read the original information, only the receiver with the particular secret key can process the information and retrieve it back.

You need to have following skills to master the cryptography

  • Strong mathematical skills
  • Knolwedge of any programming language, python preferred
  • Number Theory and Number Systems (binary, octal, decimal, hexadecimal)
  • Understanding of Encryption standards
  • Ready to learn tools and write own decryption algorithms


Steganography is a set of techniques used to hide the secret data inside the general non-secret files. the information is hidden in images, audio, video files, these files works normally so one cannot detect that there's something inside these files normally.

Steganograhy is generally performed on image files, zip files, pdf files, audio/video files.

Additional resources

Digital forensics Tools

For digital forensics, you need to investigate the given media files/images and retrieve the important information from that, there are various tools to get started with digital forensics, many of them are free and if you are using kali linux they will come preinstalled.

  • Hexedit
  • Hexdump
  • Wireshark
  • NMAP
  • TCPdump
  • Aircrack-ng
  • Netcat
  • Maltego
  • Digital forensics framework
  • Forensic toolkit

Reverse Engineering Tools

There are many tools for reverse engineering, some provides GUI and rest are based on CLI

  • Ghidra
  • IDA Pro
  • radare
  • objdump
  • objconv

Binary Exploitation Tools

For binary exploitation, the above listed tools are also useful

  • objdump
  • Immunity Debugger

Steganography Tools

  • zsteg
  • steghide
  • OutGuess

Esoteric languages (esolang)

Esoteric languages are programming languages used to confuse, entertain the reader, these languages are meant to test the boundaries of programming language design, but these languages are often used in cybersecurity wargames, CTFs, so having familarity with esoteric languages is always good, it can even used to communicate secretly.

You can find this article for complete list, but here are the few ones:

  • moo language
  • brainfuck
  • Ook

Terms used in this article

Capture The Flag, CTFs are the cyber security competitions that are used to challenge the participants on various concepts in cyber security
CLI is an abbreivation for Command Line Interface, a CLI tool uses the terminal on your system to interact, perform actions, unlike standard apps with user interface
GUI is an abbreviation for Graphical User Interface, software apps come with various interfaces, some are CLI based while some provides beautiful experiences to interact with, that is called GUI

Platforms to practice




In this ever-evolving technology landscape, the importance of cyber security cannot be neglected. the cyber security is a vast field and one needs to have patience and practise to master it. As we explored different fields, areas in cyber security, I hope you liked this articles and may help you understand at least some extent about cyber security, I hope the tools and resources I provided may come to your rescue in you journey, wishing you all the best - krypton!

Next article Choosing the Right Navigation App: Mappls VS Google Maps?

Madhusudan Babar

Say Hello

Thank you for visiting my site. If you have any questions, inquiries, or just want to say hello, please feel free to reach out to me, I'll try my best to get back to you ASAP.