Ethical Hacking

ssnyderu2ssnyderu2 Posts: 475Member ■■■□□□□□□□
Hello. My 12 year old daughter has expressed interest in being an ethical hacker. I want to be able to give her a taste of what this is like. What do you recommend as a good start for this?
2019 Goals: 70-698, CCENT, MCSA 2016
Certifications: A+, Network+, Security+, CIW Foundations and MTA OS Fundamentals
Cisco Lab :3x Cisco 2811 Routers, 3x Cisco 3750 Switches and Cisco 2620 Router with NM-32A module
Windows Lab: Dual CPU Hyper-V server with 12 Cores/24 Threads, 96GB RAM and 2TB HDD.
CANCER SURVIVOR! In Remission Since September 2016!

Comments

  • TechGuru80TechGuru80 Posts: 1,539Member ■■■■■□□□□□
    I would start her with very basic programming or programming like experiences. Google coding for kids or something similar and I’m sure you can find things.

    If she actually saw REAL hacking instead of Hollywood hacking, she probably would get bored at her age...also at her age it wouldn’t be responsible to give her real tactics as she wouldn’t have the necessary discretion to not get into real trouble.
  • ssnyderu2ssnyderu2 Posts: 475Member ■■■□□□□□□□
    Thanks for the info. Getting into trouble is why we are looking into CEH. She expressed an interest in hacking, so I steered her toward the ethical side. :) She also talked about software development, do coding for kids would kill 2 birds with 1 stone.
    2019 Goals: 70-698, CCENT, MCSA 2016
    Certifications: A+, Network+, Security+, CIW Foundations and MTA OS Fundamentals
    Cisco Lab :3x Cisco 2811 Routers, 3x Cisco 3750 Switches and Cisco 2620 Router with NM-32A module
    Windows Lab: Dual CPU Hyper-V server with 12 Cores/24 Threads, 96GB RAM and 2TB HDD.
    CANCER SURVIVOR! In Remission Since September 2016!
  • 636-555-3226636-555-3226 Posts: 976Member ■■■■■□□□□□
    Kali + YouTube is probably easiest and cheapest.

    Otherwise I'd start her on the standard infosec path so she has a bit of diverse background from which she can then delve deeper. My recommendation here would be to study for Security+ with the Darril Gibson book. Not sure if CompTIA has an age limit, but she doesn't need to take the test to learn the stuff. Security+ will set her up for the next step, like Kali + YouTube
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 1,054Member ■■■■■■■□□□
  • PC509PC509 CISSP, CEH, CCNA: Security/CyberOps, Sec+, CHFI, A+, Proj+, Server+, MCITP Win7, Vista, MCP Server 2 Oregon, USPosts: 772Member ■■■■■□□□□□
    Kali, a few VM's, YouTube. Get some easy stuff (MS07-063 I believe is a huge one that is fun) to pique her interest. From there, it's more difficult, but seeing how it works and getting that initial easy one going is a lot of fun.
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 4,048Mod Mod
    Sign her up for eLearnSecurity eJPT :)
    Goal: MBA, Jan 2021
  • TechGuru80TechGuru80 Posts: 1,539Member ■■■■■□□□□□
    Some suggestions here make me laugh...just realize if she attacks for example a bank, and they pursue charges...it’s gonna be you going to jail...

    There is a reason why there is an age limit on a lot of security and hacking certifications.
  • iBrokeITiBrokeIT GXPN GPEN GWAPT GCIH GCFE GICSP GSEC eJPT Sec+ Posts: 1,260Member ■■■■■■■■■□
    TechGuru80 wrote: »
    Some suggestions here make me laugh...just realize if she attacks for example a bank, and they pursue charges...it’s gonna be you going to jail...

    What? Care to back up that claim with some examples of that actually happening?
  • shoeyshoey Posts: 111Member ■■■□□□□□□□
    ssnyderu2 wrote: »
    Hello. My 12 year old daughter has expressed interest in being an ethical hacker. I want to be able to give her a taste of what this is like. What do you recommend as a good start for this?

    My daughter (first kid) was born in August... I dream of the day she asks me about something like this!
    "I have missed more than 9,000 shots in my career. I have lost almost 300 games. 26 times, I've been trusted to take the game winning shot and missed. I've failed over and over and over again in my life. And that is why I succeed." - Michael Jordan
  • shoeyshoey Posts: 111Member ■■■□□□□□□□
    TechGuru80 wrote: »
    Some suggestions here make me laugh...just realize if she attacks for example a bank, and they pursue charges...it’s gonna be you going to jail...

    There is a reason why there is an age limit on a lot of security and hacking certifications.

    Yup... it's truly sad how much of our hard earned tax dollars are spent on incarcerating 12 year old girl hackers icon_wink.gif
    "I have missed more than 9,000 shots in my career. I have lost almost 300 games. 26 times, I've been trusted to take the game winning shot and missed. I've failed over and over and over again in my life. And that is why I succeed." - Michael Jordan
  • TechGuru80TechGuru80 Posts: 1,539Member ■■■■■□□□□□
    shoey wrote: »
    Yup... it's truly sad how much of our hard earned tax dollars are spent on incarcerating 12 year old girl hackers icon_wink.gif
    Parents do occasionally go to jail because of their kids actions...especially if it can be proven that there was incompetent parents.

    Also, fines and lawsuits are a very real thing...ever heard of going for the deepest pockets?

    The funny part is mainly how we spend time telling people to build their foundation and then specialize...yet there are several suggestions for a 12 year old to hack away..that’s pretty funny. Also a bit short sided...teaching a kid to program will make them so much more valuable in any tech career instead of just what’s hot...it’s about setting up for long term success not just instant gratification.
  • shoeyshoey Posts: 111Member ■■■□□□□□□□
    TechGuru80 wrote: »
    Parents do occasionally go to jail because of their kids actions...especially if it can be proven that there was incompetent parents.

    Also, fines and lawsuits are a very real thing...ever heard of going for the deepest pockets?

    The funny part is mainly how we spend time telling people to build their foundation and then specialize...yet there are several suggestions for a 12 year old to hack away..that’s pretty funny. Also a bit short sided...teaching a kid to program will make them so much more valuable in any tech career instead of just what’s hot...it’s about setting up for long term success not just instant gratification.

    I actually agree with you. Just wanted to be a [email protected] icon_cheers.gif

    Obviously teaching a kid (or adult for that matter) how to hack comes with inherent risks; but I also think (imho) that if a specific area interests a kid it might be worth it to indulge them... In a responsible manner. If I sat down with my nephew to teach him about programming he'd lose focus in 10 minutes. Whereas when my brother helps him with programming in mindcraft he has to set time limits otherwise they would be there all day.
    "I have missed more than 9,000 shots in my career. I have lost almost 300 games. 26 times, I've been trusted to take the game winning shot and missed. I've failed over and over and over again in my life. And that is why I succeed." - Michael Jordan
  • aderonaderon CISSP, CCNA:S, CCNA:R&S, AWS:CSA Assoc, Sec+, Lin+, A+, Net+, Proj+ Posts: 404Member ■■■■□□□□□□
    Hmmm.. that's a toughie. I'm not an ethical hacker, so take this with a grain of salt lol. But, to be honest, it might be worth introducing her to a simple programming language. Kids seems to be able to pick up some of the easier programming languages if given a bit of guidance. Knowing how to program is an immensely useful skill and would benefit her significantly when hacking.

    I agree with some of the other posters here, that diving into actual hacking right off the bat wouldn't be a good idea both from a responsibility perspective and an interest perspective (she'd likely get bored).

    But, maybe just to have some fun and pique her interest, you could teach her things that most kids would consider hacking but really isn't. Like teaching her how to use "net send" to send messages to other computers, how to use a batch file to spam the screen with a ton of notepad.exe, how to redirect sites with the hosts file, etc.
    2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started)
  • yoba222yoba222 Posts: 1,055Member ■■■■■■■□□□
    I haven't gotten to reading either of these yet but they look like they'd fit the bill:
    Raspberry Pi for Secret Agents:https://www.barnesandnoble.com/w/raspberry-pi-for-secret-agents-third-edition-matthew-poole/1124097502
    Python for Secret Agents:https://www.packtpub.com/application-development/python-secret-agents-volume-ii
    2017: GCIH | LFCS
    2018: CySA+ | PenTest+ |CCNA CyberOps
    2019: VHL 20 boxes
    2020: OSCP | CISSP
  • TeKniquesTeKniques OSCE, OSCP, CISSP, CISA, SSCP, MCSE (03), Security+, Network+, A+, Project+ Posts: 1,262Member ■■■■□□□□□□
    I would start with having her learn the Windows and Linux operating systems in detail. She'll also want to learn network protocols and how they work. Without that foundation knowledge it's hard to just start to pick up Kali and know why certain tools work and how to enumerate a target. Immediate exposure to programming languages as others have mentioned is important; Python would be a great scripting language to start with.
  • TheFORCETheFORCE Senior Member Posts: 2,297Member ■■■■■■■■□□
    TeKniques wrote: »
    I would start with having her learn the Windows and Linux operating systems in detail. She'll also want to learn network protocols and how they work. Without that foundation knowledge it's hard to just start to pick up Kali and know why certain tools work and how to enumerate a target. Immediate exposure to programming languages as others have mentioned is important; Python would be a great scripting language to start with.

    That's the best advice that has been given in this thread.

    How do you expect a 12 year old to understand the concept of enumeration and reconnaissance when they don't understand how other devices talk with one another, or what is the significance of an open port or a vulnerable service when they don't understand what a port or a service is.
    Teach her the fundamentals of networking and operating systems, start her of with a Linux flavor as a primary OS and take it from there.
  • GattsuGattsu Posts: 8Member ■□□□□□□□□□
    Deffintly first the basics: Understanding computers hardware etc, maybe basic programming. You can also buy a raspberry pi and teach basic programming there is a lot of projects on the website of raspberrypi even for kids.
Sign In or Register to comment.