Ethical Hacking in 2023 – Top Projects, Books, and Movements

Studies show there’ll be an increase in demand for ethical hackers – almost 30% by 2026. That gives anyone plenty of time to learn what ethical hacking is, what an ethical hacker does, and whether this is a good career or hobby to follow. So, how is ethical hacking looking in 2023?

Ethical hackers employ their skills to help businessmen and companies look for vulnerabilities in their systems. In 2023, tech-savvy people could learn to hack ethically from home using books and courses. This career path is interesting, fun, and well-paid – but it can lead to burnout.

Do you have what it takes to become an ethical hacker? This career is not for everyone – and, sometimes, not for those who love technology either. It’s a job that requires you to know network protocols just as much as it requires you to have soft skills.

What Do Ethical Hackers Do?

An ethical hacker works the same way as cybercriminals do but to benefit companies instead of harming them. In other words, they use their skills to look for vulnerabilities before black hat hackers do.

Someone in ethical hacking uses their skillset to find issues in software, hardware, and employee training. For example, they’ll send out an email offering a fake discount to see if employees will fall for a phishing scam, which is a critical area in a company’s cybersecurity.

It’s important to understand the role of an ethical hacker – and how to differentiate them from others.

Types of Hackers

  • White Hat. Lawful citizens who have the highest regard for the law and love for cybersecurity become white hat hackers (which is another name for an ethical hacker). They comply with rules and regulations and use their skills to help companies protect their interests from cybercriminals.
  • Gray Hat. Those who don’t esteem the law that much but know it’s not a good idea to break it are gray hat hackers. They don’t actively break the law – but will do so if they absolutely have to. Gray hat hackers often have good intentions when they break the law (e.g., hacktivists).
  • Black Hat. Hackers who have no regard for the law and will break it to make money are black hat hackers. They don’t care about rules, regulations, or safety – and will actively go against all three to make ends meet. Ethics means very little to this type of hacker.

Ethical Hacking vs. Penetration Testing

It’s important not to confuse ethical hacking with penetration testing. These career paths are both great (and, sometimes, rather similar) but differ in execution.

Ethical hackers, as you know, work for companies looking for vulnerabilities and places where cybercriminals can do harm. They’ll read code, check hardware, talk to employees and managers, and more.

Penetration testers are after the same thing: patching vulnerabilities before cybercriminals find them. However, they perform black box testing. In this approach, a pen tester attacks a company the same way a real hacker would (with no knowledge of the inner workings of its cybersecurity).

In other words, ethical hackers look for vulnerabilities from the inside, while pen testers look for vulnerabilities from the outside.

Is Ethical Hacking a Good Career in 2023?

Becoming an ethical hacker is a great choice if you have what it takes. It’ll give you a good salary, an interesting job, and plenty of challenges to tackle.

However, it’s important to know real-life hacking isn’t the same as in movies. It’s tedious at times. Sometimes, it’s repetitive. It could also be a tense job, especially if you’re working in high-risk environments.

There are great books on ethical hacking that’ll show you what the day-to-day of this career looks like (and we’ll list a few at the bottom of the article). You can also weigh the benefits against the challenges to make a quick comparison.

Ethical Hacking Benefits

  • Always Interesting. One of the best things about cybersecurity is how interesting it is. New stuff is always happening, meaning you’ll never get a boring day at the office in this line of work. You always have to check something, learn something new, or try something different to have the tightest security protocols possible.
  • Good Salaries. The private tech sector pays rather well. Government tech jobs aren’t incredibly well-paid, but they offer a great deal of stability. Either way, you’ll do just fine if you’re a great ethical hacker. You can always jump ship if you don’t like your current job – because there’s always a demand for cybersecurity experts!
  • Fun Job. Salaries alone won’t make anyone become a white hat hacker. This career attracts so many people because of how fun it is: ethical hackers spend their time toying with software, testing people, and learning new ways to stop cybercriminals.

Ethical Hacking Challenges

  • Burning Out. Professionals never stop learning, even when they are done with college (if they went). Cybersecurity is an ever-changing area: new malware always pops up as black hat hackers come up with new ways to do harm. In response, ethical hackers have to continue studying new vulnerabilities to protect their clients. Having to always be on your toes could burn you out.
  • Costly Mistakes. Cybercrime costs continue to rise: studies show we’ll see it go over $10 trillion in a few years. Companies will hire ethical hackers because of that number, though they’ll have little tolerance for those not being able to stop a breach in time. White hat hackers have a delicate job, and they can’t forget that.
  • Soft Skills Matter. Ethical hackers need to be great at cybersecurity – but they have to be able to explain the issues they find to laypeople. In other words, communication skills are important in this area, which could be problematic for some. Fortunately, you can always improve your soft skills!
  • No WFH. Working from home is one of the biggest advantages of having a job in the tech sector. Unfortunately, ethical hacking is a very hands-on approach: you need physical access to hardware and proximity to people to make sure everything and everyone is doing their part. That means you’ll spend a lot of time at the office – and little to no time working from home.

How Much Does an Ethical Hacker Make?

An ethical hacker earns between $75,000 and $105,000 yearly. Those with a few years of experience under their belt make more than $120,000. In comparison, the median American salary is $30,000.

Your salary as an ethical hacker will vary a lot depending on where you work. The private sector offers more money but less stability. Government jobs are the opposite.

At the same time, the private sector offers different levels: startups tend to be more relaxed places to work, while FAANG-like companies (e.g., Amazon, Meta, etc.) are stressful companies with the best salaries on the market.

How To Become an Ethical Hacker

You can become an ethical hacker by attending college or self-learning. Both methods are acceptable and enough to land you a job.

Of course, the college route will fast-track you to a job, but not having a degree isn’t the worst thing that could happen if you want a job in tech.

Are you going to college to become an ethical hacker? Look for an IT-related degree and look for a job when you graduate. Try to become an active member of the cybersecurity community and get certifications to improve your chances of getting a high-paying job.

Do you want to teach yourself ethical hacking? Start by picking up a book or course and follow our 5-step guide below.

5 Ethical Hacking Courses

  • Udemy: Learn Ethical Hacking From Scratch. Are you a complete beginner? Do you want to learn hacking from scratch? You can do so by following this 16-hour-long course on the subject. It’ll teach you what you need to know to lay a foundation before moving forward to intermediate courses.
  • Udemy: Hacking for Beginners. An alternative to the course above, also found on Udemy. We recommend this one to those who want to dip their toes in the hacking pool but don’t want to take a deep dive yet. It’s only five hours long – and you will get to the fun stuff in less than two hours (i.e., your first hack).
  • LinkedIn: Become an Ethical Hacker. It’s a great place to start for beginners, though we wouldn’t recommend it for people who know nothing about hacking. It’s ideal for those who already have a foundation and want to get ready for their first certificate, as this course prepares you to pass the Certified Ethical Hacker exam.
  • Cybrary: Penetration Testing and Ethical Hacking. This course is perfect for people who already know the basics or have fallen off the wagon and want to pick up ethical hacking again. It’s seven hours long and covers ethical hacking and penetration testing basics (and some intermediate stuff). This course is not for complete beginners.
  • EdX: Cybersecurity Basics. This course is the most complete on this list – and perfect for those serious about learning ethical hacking. It’s a 6-week course with a 5- to 7-hour weekly workload. What’s the best part about it? It’s free!

5 Ethical Hacking Books

  • Hacking: The Art of Exploitation by Jon Erickson. One of the go-to hacking reading materials, albeit a tad heavy for beginners. You’ll have a solid foundation of not only hacking but programming (it teaches you how to program in C) after you read this book from cover to cover.
  • The Hacker Playbook by Peter Kim. This book is perfect for people who want to jump in the pool and start swimming (or hacking) right away. It offers game plans, examples, and lessons from the real world. There are several installments. We suggest picking all three if you can.
  • We Have Root by Bruce Schneier. If you’re not looking for a manual or a heavy book to read, We Have Root is perfect. It’s a collection of essays you can keep on your bedside table and read every once in a while.
  • Obfuscation by Finn Brunton & Helen Nissenbaum. Ethical hackers must protect the company they work for – but how can they do so if they can’t protect themselves? This short 100-page book provides the best strategies for people to protect their data and prevent malicious actors from stealing it.
  • The Cuckoo’s Egg by Clifford Stoll. An interesting read for people who are interested in cybersecurity. It’s an 80s real-life story of a man chasing a hacker that shows us that the basics (cracking, data collection, forensics, etc.) are still the same many decades later. It’s the best starting point if you love reading fiction because this non-fiction book feels like a novel.

5-Step Guide To Getting Your First Job as an Ethical Hacker

1. Learn Linux

You probably expected us to tell you to start by learning how to code or trying to hack something on your own – but that comes later. The very first thing you have to do is learn how to use a Linux distribution.

Why Linux for ethical hacking? Because it’s a hands-on OS everyone uses for hacking and most IT-related things. The network you’ll soon have to protect or attack is probably running Linux.

At the same time, most hacking operating systems are Linux distributions (e.g., Kali Linux, Parrot OS, and BlackArch).

For that reason, you need to pick a simple distribution (e.g., Ubuntu or Linux Mint) and install it. Play around with it. Use it as your OS while you follow the rest of this guide.

2. Start Coding

Programming is a big part of hacking, no matter what anyone tells you. Let’s put it this way: how can you hack something if you don’t understand how it works?

At the same time, programming languages will help you create tools that’ll automate a big part of your job.

So, pick an easy language and start there. Most agree Python and JavaScript are your best choices to start with: Python is one of the easiest and most common languages available; JavaScript is the key that unlocks web development (and web hacking).

3. Become Experienced

Getting experience without a job is difficult – but far from impossible. In fact, you can do so right now.

Look for hacking websites (e.g., HackTheBox, TryHackMe, HackThisSite) and play around there. Make sure you pick one and stick with it: don’t jump from one site to the other when things get difficult!

At the same time, you can look for Capture The Flag challenges. CTFs (e.g., OverTheWire) simulate real-life hacking experiences (though they’re not the same thing) and help you understand how things work.

4. Get Certified

At this point, you have knowledge and experience – but can’t show it to potential employers. Cybersecurity certifications such as the ones from CompTIA and Professor Messer are great.

A small bridge between hacking websites and certifications is the PortSwigger course. You can follow it to the end and get the Burp Suite cert.

College graduates should look to get certified too. It’ll give you an edge over other applicants when looking for a job, especially if you don’t have a strong resume yet.

5. Build a Resume

An impressive resume isn’t long but strong. Don’t have it full of filler.

The more certs you have, the better, though that doesn’t mean you should try to make your resume seem bigger by listing every course you passed (because courses and certs aren’t the same in the eyes of a recruiter).

Once you have a resume, start applying to as many jobs as you can. People without a college degree should try to get an entry-level IT job (such as a help desk position) and move up from there.

The hard part is getting your first job. Your career will skyrocket from there – so don’t give up if you’re having a hard time getting that first win!

Is Ethical Hacking the Right Career for You?

A career in ethical hacking is perfect for people who love a challenge. Ethical hackers have to be willing to continue learning throughout their life and think outside the box when they face a new challenge.

Should you become an ethical hacker? It’s hard to say! This career path is for people passionate about technology and those who love tinkering with things. Being able to explain complicated stuff in simple ways is also a must (otherwise, how are you going to explain the dangers of a new vulnerability to management?).

The best way to see whether you’re a good fit is to dip your toes: pick a book or a course and follow through. You can also follow our 5-step guide to becoming an ethical hacker and see how far you get.

Takeaways

Ethical hacking looks like a great career to pursue in 2023 – and it’ll continue to be that way in the near future. Those interested can learn about it with books, courses, and gamified activities. Turning your passion for hacking into a job could reward you with an interesting career, though it could take some time, especially if you’re starting from scratch.

Herman

Herman McCargo is a Cyber Defense Analyst here at U.S. Cybersecurity. He’s been in the technology field for over 20 years and has expertise working with the most critical technology infrastructures. He has a deep understanding of cyber risks, threat mitigation and prevention, and overseeing infrastructure.