Ethical Hacking

Hello. My 12 year old daughter has expressed interest in being an ethical hacker. I want to be able to give her a taste of what this is like. What do you recommend as a good start for this?
2019 Goals: 70-698, CCENT, MCSA 2016
Certifications: A+, Network+, Security+, CIW Foundations and MTA OS Fundamentals
Cisco Lab :3x Cisco 2811 Routers, 3x Cisco 3750 Switches and Cisco 2620 Router with NM-32A module
Windows Lab: Dual CPU Hyper-V server with 12 Cores/24 Threads, 96GB RAM and 2TB HDD.
CANCER SURVIVOR! In Remission Since September 2016!
Certifications: A+, Network+, Security+, CIW Foundations and MTA OS Fundamentals
Cisco Lab :3x Cisco 2811 Routers, 3x Cisco 3750 Switches and Cisco 2620 Router with NM-32A module
Windows Lab: Dual CPU Hyper-V server with 12 Cores/24 Threads, 96GB RAM and 2TB HDD.
CANCER SURVIVOR! In Remission Since September 2016!
Comments
If she actually saw REAL hacking instead of Hollywood hacking, she probably would get bored at her age...also at her age it wouldn’t be responsible to give her real tactics as she wouldn’t have the necessary discretion to not get into real trouble.
Certifications: A+, Network+, Security+, CIW Foundations and MTA OS Fundamentals
Cisco Lab :3x Cisco 2811 Routers, 3x Cisco 3750 Switches and Cisco 2620 Router with NM-32A module
Windows Lab: Dual CPU Hyper-V server with 12 Cores/24 Threads, 96GB RAM and 2TB HDD.
CANCER SURVIVOR! In Remission Since September 2016!
Otherwise I'd start her on the standard infosec path so she has a bit of diverse background from which she can then delve deeper. My recommendation here would be to study for Security+ with the Darril Gibson book. Not sure if CompTIA has an age limit, but she doesn't need to take the test to learn the stuff. Security+ will set her up for the next step, like Kali + YouTube
There is a reason why there is an age limit on a lot of security and hacking certifications.
What? Care to back up that claim with some examples of that actually happening?
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GCWN | Linux+
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
My daughter (first kid) was born in August... I dream of the day she asks me about something like this!
Yup... it's truly sad how much of our hard earned tax dollars are spent on incarcerating 12 year old girl hackers
Also, fines and lawsuits are a very real thing...ever heard of going for the deepest pockets?
The funny part is mainly how we spend time telling people to build their foundation and then specialize...yet there are several suggestions for a 12 year old to hack away..that’s pretty funny. Also a bit short sided...teaching a kid to program will make them so much more valuable in any tech career instead of just what’s hot...it’s about setting up for long term success not just instant gratification.
I actually agree with you. Just wanted to be a [email protected]
Obviously teaching a kid (or adult for that matter) how to hack comes with inherent risks; but I also think (imho) that if a specific area interests a kid it might be worth it to indulge them... In a responsible manner. If I sat down with my nephew to teach him about programming he'd lose focus in 10 minutes. Whereas when my brother helps him with programming in mindcraft he has to set time limits otherwise they would be there all day.
I agree with some of the other posters here, that diving into actual hacking right off the bat wouldn't be a good idea both from a responsibility perspective and an interest perspective (she'd likely get bored).
But, maybe just to have some fun and pique her interest, you could teach her things that most kids would consider hacking but really isn't. Like teaching her how to use "net send" to send messages to other computers, how to use a batch file to spam the screen with a ton of notepad.exe, how to redirect sites with the hosts file, etc.
Raspberry Pi for Secret Agents:https://www.barnesandnoble.com/w/raspberry-pi-for-secret-agents-third-edition-matthew-poole/1124097502
Python for Secret Agents:https://www.packtpub.com/application-development/python-secret-agents-volume-ii
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
That's the best advice that has been given in this thread.
How do you expect a 12 year old to understand the concept of enumeration and reconnaissance when they don't understand how other devices talk with one another, or what is the significance of an open port or a vulnerable service when they don't understand what a port or a service is.
Teach her the fundamentals of networking and operating systems, start her of with a Linux flavor as a primary OS and take it from there.