Can You Make A Living Out Of Ethical Hacking?

Danny Stieben 29-06-2013

ethical hackingBeing labeled a “hacker” usually comes with plenty of negative connotations. If you call yourself a hacker, people will often perceive you as someone who causes mischief just for giggles. But as I described in this article explaining the difference between good and bad hackers What Is The Difference Between A Good Hacker & A Bad Hacker? [Opinion] Every now and then, we hear something in the news about hackers taking down sites, exploit a multitude of programs, or threatening to wiggle their way into high-security areas where they shouldn't belong. But, if... Read More , there are also ethical hackers that end up doing similar tasks for good and not evil. But while ethical hackers exist, is it possible to make a living with ethical hacking?


I explored the different steps to getting into an ethical hacking career — preparation, experience, and jobs. It turns out that it’s quite possible, but it’s difficult to get into and takes lots of preparation. However, if you stick to it and excel as an ethical hacker, you could create a very nice career path.

What’s an Ethical Hacker?

ethical hacking
A hacker is a person with computer and/or programming knowledge and skills who uses said assets to break into a computer system and exploit it. While the stereotypical criminal hackers break into computer systems to cause havoc, ethical hackers attempt to break into systems without causing too much damage, and then reporting to the owner on their findings. In other words, ethical hackers find holes that criminal hackers could exploit and lets the owner know about them so that they can fix them before any real damage by a criminal hacker is done. Ethical hacking is also known as penetration testing, intrusion testing and red teaming.

Becoming an ethical hacker isn’t an easy task to accomplish — it requires lots of knowledge, especially when it comes to computer system security, and lots of experience to have a shot at an ethical hacking job. In case I haven’t placed enough emphasis on it — experience is vital, even if you have a computer science degree, certificate, or whatever else you may have.

Educational Preparation

ethical hacking tutorial
Before you even get to the experience part, however, it’s still a good idea to understand how computers work and communicate with each other. All of this can be accomplished with a computer science degree or other similar courses of learning — even taking a few courses via openly available “OpenCourseWare” from places like MIT are a great thing to do if you cannot afford taking actual college courses. A degree is preferable, but knowledge and the experience to back it up can be effective as well.

Getting Experience

ethical hacking tutorial
Experience can be gained in two different ways — freelance jobs and good ol’ messin’ around. Using the Internet is crucial as it contains a wealth of free information to help you learn as you try out new things. There are also plenty of resources to look at, such as James’ tutorial on how to crack a WEP-protected wireless network How to Crack Your Own WEP Network to Find Out Just How Insecure It Really Is We’re constantly telling you that using WEP to 'secure' your wireless network is really a fools game, yet people still do it. Today I’d like to show you exactly how insecure WEP really is, by... Read More , the BackTrack Linux distribution that specializes in penetration testing, and tools such as Droidsheep that filter through unprotected wireless traffic. These are just some very basic ways to get started with the whole concept of “hacking”, but there are far more advanced topics that you would need to learn in order to get a serious grasp of what it takes to be an effective ethical hacker.


Please remember that in all your adventures, you should stay within the law with your activities. This means that you should practice techniques on your own equipment, or ask permission from the owner before attempting anything. If you end up doing something that’s illegal, it can forever hurt your reputation in addition to the legal issues, fines, etc.

It’s also helpful to work your way through a number of different certifications, including the A+ certification, Network+ or CCNA, and Security+ or CISSP or TICSA. Corresponding jobs as you work your way up helps a lot too. Don’t expect to go from nothing straight to ethical hacking.

Getting The Job

So once you have a good educational background along with a few years of experience, you’re ready to strike it big as an ethical hacker. Freelance jobs aren’t just a good way to gain experience, but they can also give you a decent amount of revenue, which can increase as your reputation among freelance communities increases. The downside to freelance jobs is that you don’t have a stable position, so income is never as certain as one would like.

Once you’re ready to get away from freelance jobs, you can start applying to different tech companies for permanent positions. Remember that you don’t have to apply to the biggest tech companies — there are so many smaller ones that can pay you just as well. Alternatively, you can also set up a computer system security consultation service in order to be able to work for multiple companies at a time. This can be done in addition to a permanent position, or as a step between freelance work and a permanent job.


Certified Ethical Hacker

ethical hacking
In order to legitimize yourself as a good at ethical hacking, you can become a Certified Ethical Hacker (CEH) by completing a vendor-neutral certification course. This gives you well-rounded expertise on security topics that you may or may not have covered while you were gaining experience on your own. However, in order to receive the certification, you should complete the course or have at least two years experience as endorsed by an employer. Receiving such a certification can give you bragging rights, as well as more leverage on scoring better jobs or pay raises.


So as you can see, it’s definitely possible to earn a living by ethical hacking. Although the process to getting to that point definitely isn’t easy (nor is for every computer guy), it could be well worth it if you’re good at it and enjoy doing it. Plus, you can tell others that you’re doing them a service by keeping them safe online.

Would a career in ethical hacking interest you? What other cool yet unusual computer jobs do you know about? Let us know in the comments!

Image Credits: catatronic, slworking2


Related topics: Hacking, Job Searching, Programming.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Andy jones
    May 21, 2017 at 7:57 am

    After giving it a deep thought on whether or not to trust AT gmail DOT com with a whatsapp and instagram hack i needed him to do for me, i came to a conclusion that it would all work out positively if i hired him for the job due to the good reviews i've heard about him from different people. He far exceeded my expectations and got the job done fast and discretely. Reach him out for help at his email address( AT gmail DOT com), he's good at what he does.

  2. Boris
    November 12, 2016 at 7:43 pm

    It's actually impossible to find a hacker on the clearnet, it took me months to even meet a real one on the darkweb, I was even referred to him actually, if you'd like to contact him as well you'll have to go through me, my email is ""
    Feel free to contact me I'll refer you to him, I can't drop his contact on here for obvious reasons.

  3. Alpha81
    November 19, 2015 at 4:58 am

    Ethical hackers are also known as white hats. That term is used a lot.

  4. Anonymous
    March 18, 2015 at 8:38 pm

    I don't understnd the technicality but i hv always being carried away by the word ethical hacker! I just want to marry one of it n start loving his work.

  5. Zhong J
    June 30, 2013 at 7:56 pm

    Meh, my interests in computers is to explore fundamentally different ways to configure my system and look at the options with all the preset tools available to me. One example would be the different Linux distributions, fascinating but at the same time require some pretense of knowledge. However, Linux is a great catalyst for learning how the system works as I'll hang out in the system log to reveal any warnings or messages that indicate an error in its booting process.

    Hackers are essential in computing due to its extensive uses of patching bugs and looking for exploits. Its roles is big in providing security; I can't become one since it's far too complex in mathematical context and intensity.

  6. Jamie Merlau
    June 30, 2013 at 6:59 pm

    I just finished taking my CEH this morning. While its a really good baseline, it is a bit simplistic in that you are answering questions on how, not actually doing. Applying for a job with this just on your resume would be akin to passing the A+ and applying with just that to a computer repair shop.

    For people first starting out, I would recommend getting a job that is IT related, so that you can get more hands on with networks before you start trying to do vulnerability assessments. It would be quite embarrassing if you couldn't understand why you were not seeing all the traffic on the switch when you forgot to mirror or set up a SPAN port.

    Get familiar with code. You don't need to be a software engineer, but you should be able to read a function in C++ and determine if a buffer overflow or SQL injection is possible. I highly recommend Code Academy:

    Using Virtual Machines to replicate a network environment is also a cheaper way to practice. You can get Virtualbox for this:

    This is the one time I will use Windows without an active license(in a test environment). Also, Kali(the successor to Backtrack) is a fantastic place for an open-source pen testing suite; just keep in mind that it is made for users with knowledge of Linux.

    SANS Institute can be a good source of information, as well as Help Net Security(I've been following this website for years):
    [Broken URL Removed]

    Vulnerability Scanners/IDS are tools to be used as well. You can get open source Tripwire for a Host IDS, Nessues for Vuln Scanning, and Snort for Network IDS, all for free. These are tools that I've seen mentioned in the wanted ads, so it is good to at least understand how they work.

    You will never be able to be a master of everything, so try networking with people (via groups, school, or work) who have more knowledge in other areas. Personally, I'm more network oriented, so I go to friends of mine who are coders when I need more help.

    As the others have said, the original definition of hacker has been perverted.

    • dragonmouth
      June 30, 2013 at 10:31 pm

      "For people first starting out, I would recommend getting a job that is IT related, so that you can get more hands on with networks"
      You want to get "more hands on with networks" you should get a job in networking. Many, if not most, jobs in IT do not expose one to networking. If you want to be a car mechanic, you do not get a job as a sales clerk at an auto parts store.

      • Jamie Merlau
        July 1, 2013 at 1:24 am

        Due to to ubiquitous nature of the Internet, I doubt you would run into an IT position where you are not having to at least deal with connectiviity with connections.

        I'm not saying network engineer level; you're just going to struggle if you don't know the difference between a hub and switch or how to determine how a computer reaches. A quick look at the tech support postings for the Seattle area has positions that have requirements such as:

        -Assist in the active monitoring and maintaining of the network, system security, virus protection, backups, and updates/patches.
        -Maintain Internet and e-mail connectivity and router/firewall configuration.
        -Provides technical support services to users of company's personal computer and telecommunications systems.
        -Acts under supervision as first line of support for employees seeking assistance with applications, network connectivity, computer hardware (desktops, laptops, and tablets), and peripherals.

        I explicitly looked at openings that were titled as level 1 tech positions. The point I was trying to make is that it isn't ideal to try to jump right into the security portion of the field without some hands on prior. Your analogy is a bit off, as I didn't say to get a job in an IT company. A better analogy might be getting a job as an auto parts delivery perhaps?

    • Danny Stieben
      July 1, 2013 at 1:00 am

      Thanks a bunch for all of these tips, Jamie!

  7. dragonmouth
    June 30, 2013 at 11:09 am

    Bill Gates, Steve Wozniak, and most of those that today we consider pioneers of the PC were hackers.

  8. dragonmouth
    June 30, 2013 at 11:04 am

    Originally all hackers were ethical hackers. Only later did the concept become corrupted and the term co-opted to today's meaning.

  9. Brandon Ragoo
    June 30, 2013 at 2:26 am

    The article was very helpful to me. I actually want to become an ethical hacker and I was wondering if I have the correct plan in order to become one. After reading this article I realized the plan I have is actually correct.

    • Danny Stieben
      July 1, 2013 at 12:59 am

      Good to know! I wish you good luck!