Technical hacking skills

This is a discussion of the technical hacking skills of ethical hackers – the foundational technical hacking skills for higher education students learning ethical hacking of computer systems. This synthesis is based on work I completed in a uOttawa PhD thesis (2020) on the topic of ethical hacking sociotechnology.

  • What do ethical hackers do?
  • The penetration testing process
  • Teaching ethical hacking skillset (framework)
  • Key cybersecurity risks for businesses
  • Information security risk governance

You may also be interested in OSINT analyst competency areas.

What do ethical hackers do?

  • Penetration testing
  • Vulnerability assessment vs penetration testing
  • Risk assessment
  • Security assessment vs security audit
  • Responsibilities of ethical hackers
  • Roles of ethical hackers

Two Key Ethical Hacking Paradigms
Table 15: Vulnerability Scan and Penetration Test Comparison (Rodger, 2013, p. 49)
Table 10: Professional Ethical Hackers Coding Table

The penetration testing process

  • Steps of the penetration testing process
  • Open source penetration testing methodologies
  • The penetration test report

Types of penetration tests
OSINT, network enumeration and scanning, and the associated tools and technologies.

Table 17: Five Phases of Reconnaissance
Table 18: Open Source/Free Tools—for Network Penetration Testing
Table 19: Properties of a Network and Whether they Can Be Discovered Passively
Table 20: Information Security Assessment Methodologies

Teaching ethical hacking skillset (framework)

A broad framework of teaching ethical hacking skills in computer science, computer engineering, and software engineering undergraduate programs in higher education was constructed based on in-depth interviews with ethical hacking university experts and industry practitioners. See Teaching Ethical Hacking Skillset Framework, Technical hacking skills (reproduced below).

The case study methodology

Interview Participants by Area of Expertise

1. Technical hacking skills
1.1. Software design and software security testing
1.1.1. Vulnerability discovery and vulnerability assessment, and knowledge of exploits, scripts, and viruses and how they work (PPT3, PPT8, PPT14, PPT6, PPT12).
1.1.2. Software coding and programming skills, including knowledge of software languages, especially C, C++, and JavaScript (PPT3, PPT14, PPT12).
1.2. Network design and network security testing
Skills to protect a future employer’s IT infrastructure or IT network system against unauthorized use or access, including how to test a company’s defences (PPT3, PPT8, PPT14, PPT6, PPT12).
Defense in depth (layered security to protect data, mission-critical assets, and the information management system).
A solid understanding of network protocols – common network protocols, the TCP/IP model, and the OSI model.
A solid understanding of network services – IP addressing, Domain Name System (DNS), primary domain email service, Internet access, web content filtering, firewalls, VPN termination, and intrusion prevention systems (IPS).
Use of multiple information gathering techniques to identify and enumerate targets running various operating systems and services.
Ability to identify existing vulnerabilities and to execute organized attacks in a controlled manner.
Ability to identify and exploit XSS, SQL injection and file inclusion vulnerabilities in web applications.

The key idea is to teach students when they’re designing networks, when they’re designing software, these are vulnerabilities to watch out for, these are vulnerabilities to test for, but they’re all the kinds of things that, if you are going to be a hacker, that you would need to know about, because you’d try to exploit those. And if you’re an ethical hacker, you’re going to try to exploit those just the same as if you’re a black-hat hacker. (PPT3)

Software design and software security testing

Software security testing practices include vulnerability discovery and vulnerability assessment, knowledge of what exploits exist and how they work, how viruses work, and how to write and execute scripts (PPT3, PPT8, PPT14, PPT6, PPT12). Software coding and programming skills include knowledge of software languages, especially C, C++, and JavaScript (PPT3, PPT14, PPT12).

PPT3 says teaching students secure software development means teaching them how to discover vulnerabilities and how to perform security testing.

I teach about ethical hacking, and I say that it’s valuable to learn the skills as a professional to be able to investigate your own software that you’re developing to start with, to see if you can crack it, and that’s a starting point, because you want to get your software to be defendable against people who are unscrupulous, and so for some testing purposes, you need to have basic hacking techniques to try and break into it and make sure that it’s safe. (PPT3)

PPT14 says higher education should teach students how to “develop an awareness and expertise of what (hacking) tools are available” and “how exploits such as Metasploit, Nmap, etc. work” so as to be able to test their own products. “If you want to develop a good encryption algorithm, it’s widely recognized that you need to know how to break cryptographic algorithms.” PPT8 says the idea is to teach computer science students software skills so that “they become better developers. And they go out there and they build software with the recognition of the kind of ways their stuff can be exploited, and they know to avoid doing stupid things.”

The second set of technical skills in the software security area concerns software coding or programming skills. PPT14 says ethical hackers “must have knowledge of technical languages.”

The flaws that are exploited boil down to language-specific issues. You need to know C, even if you don’t think C should be used in programming new systems. There is a large legacy base of C and C++ code that continues to be exploited. (PPT14)

Ethical hackers need to learn JavaScript because it is “inevitably used in web security exploits. JavaScript inserted into HTML pages as the basis for browser server interaction” (PPT14). PPT12 adds that ethical hackers need knowledge of “a lot of different programming languages and with enough depth” that they can find implementation problems with them. Depending on “the depth of the ethical hacking exercise,” ethical hackers may need “to be able to either edit or write shell scripts like something a system admin would do.” “If you want to go really deep into it, you’re going to want to probably grab some binary files and do a reverse engineering on them … skills in terms of low-level skills like assembly language skills are very important.” For PPT12, “a minimum toolkit” would be “a C, C++, a bit of Java, Perl, Python.” Java “is mainly because of the server-side web, the middleware platforms. So, it’s either doing ethical hacking or like a red alert, red-teaming on something which has a web front thing … This is where I see the Java, server side Java helpful.” Python “is for all of the exploit development, the shell development. There’s lots of libraries and toolkits … basically since 2008, 2009, Python became the de facto grand development language in the security field.” “C, C++ is for the low-level applications, like understanding how the coding conventions work, for like when you’re doing the assembly, the machine language assembly level” (PPT12).

Network design and network security testing

The second broad area of technical hacking skills concerns equipping students with the necessary skills to protect their future employer’s IT infrastructure or IT network system against unauthorized use or access, including how to test a company’s defences. PPT14 says, to protect the IT system of their future employers, students would need to know what network hacking and testing tools are used in the wild, including,

vulnerability assessment tools like Nmap, things like Metasploit which have both the legitimate and non-legitimate uses. There’s a tool called Netcat. Tools that allow you to do TCP/IP session hijacking. Tools that allow you to do ARP spoofing. There are very powerful toolkits that are available for free. And knowing how to use those is, I think, important. (PPT14)

PPT3 says students should know how to test a future employer’s company defenses. “You might want to build skills to put yourself forward as a professional, to be able to say, Okay, this company, let’s see if I can break into your systems using whatever tools I can, so that we can test its defenses.” PPT6 says, students need skills related to “infrastructure layout” of a company’s computer network. “On a basic level, you’d have a single layer of security, you have a firewall. And it’s how do I get through that firewall? … then, as we get higher up, we start using packet sniffers … we basically look at interactions on the network.”

Table 9: Hacking Skills Coding Table (Network Penetration Testing)
Table 23: High-Level Network Security Risk Management Concepts

Teaching vs Practice insights

This discussion sheds light on the nature and potential causes of a Teaching vs Practice cybersecurity skill gap. Three points emerge: computer science and computer engineering programs should include more offensive hacking skills in their curricula; students need hands-on experience and specializations in software and network security and in security testing skills; and credentials for ethical hacking practitioners should be established through licensing/accreditation programs.

PPT11 says programs in CS and CE in higher education should teach more offensive hacking skills. “The stuff you see in school is defensive that’s being taught, how to secure systems.” For PPT12, teaching students hacking skills would entail teaching them how to find holes in software and network systems and how to conduct a full-blown attack on an IT infrastructure or information management system. “For me, ethical hacking is done in an organization who wants to improve their security posture by doing full blown cybersecurity attacks on their infrastructure.”

Basically finding holes in either the software infrastructure, could be the network infrastructure, could be the hardware involved as well. It could involve bad procedures which could lead eventually to a security hole and I would also include social hacking techniques as part of ethical hacking. (PPT12)

Interviewed participants from both camps–those who teach and those who practice ethical hacking or hire ethical hackers–supported a need to teach higher education students studying in CS and CE disciplines offensive hacking skills but with seemingly different levels of emphasis. Industry practitioners seemed generally more emphatic or explicit about the need for real-life offensive skills.

If an organization wants to do it right … you want to get the people who could do it for malicious reasons. It’s the same skill sets. If you don’t have the same skill sets, the danger is adding it in such a way that would leave security holes or will leave potential attacks or potential attack surface which won’t be revealed. (PPT12)

In comparison, university experts seemed less emphatic about the need to teach students more offensive hacking skills.

As a professional engineer, I’m bound by the PEO code of ethics, and among the items in that, I shouldn’t bring the profession into disrepute. So one has to be careful to be completely above-board, and make sure that one doesn’t, for example, get bad press for teaching hacking. Because that could be considered to be bringing the profession into disrepute. I’m also bound by the software engineering code of ethics, the ACM code of ethics, the IEEE code of ethics … I’m bound by a number of codes of practice. (PPT3)

The university experts’ general endorsement of teaching more offensive computer hacking skills can be construed from a combination of key words or expressions they used, and a seeming emphasis on certain defensive concepts such as vulnerability discovery, developing secure code, and security testing.

Interviewed ethical hacking university experts on teaching students offensive hacking skills (table)

Interviewed ethical hacking industry practitioners emphasized the need for hands-on experience and specializations in cybersecurity skills.

You need some hands-on experience, and that’s where things like co-op programs come in. I’ve hired a number of co-op students, and if after two or three work terms, yes, they’re market ready, but they need to have the hands-on, practical, in-the-field experience in security. (PPT11)

PPT6 says “right now, I mean, it’s really hard to get that job right out of university because you don’t have the skillsets or the experience … You have to do all these other certifications, and even then you’re not necessarily ready, you’re just kind of ready.”

Ethical hacking high-level concepts (framework)

Online course descriptions for select computer science, computer engineering, and software engineering courses taught at two Canadian universities were surveyed for network security testing (penetration testing) high-level concepts (technical and social hacking skills) against a provisional framework of skillsets, Ethical Hacking High-Level Concepts (3 Levels of Abstraction). The results are summarized in Table 11: Ethical Hacking Skills/Knowledge High-Level Concepts in CS/CE/SE Programs.

Ethical Hacking High-Level Concepts (3 Levels of Abstraction)
Table 11: Ethical Hacking Skills/Knowledge High-Level Concepts in CS/CE/SE Programs – case studies

Key cybersecurity risks for businesses

A combination of social engineering and malware, especially ransomware.
Identity theft through social engineering and phishing schemes is an important security concern for many businesses.

Table 1: Cybersecurity Threats Facing Individuals, Businesses, and Society (CSE, 2018)

Information security risk governance

Information security definition
Understanding information security risk
The place of information security in enterprise IT governance

Types of information security attacks – confidentiality, integrity, and availability

IT governance and cybersecurity regulations
IT governance
–Steps of the Information Security Risk-Based Management Approach (Adapted from Cobb, 2019)
–Information Security Risk in Higher Education (Adapted from EDUCAUSE, 2019)
–Key IT governance frameworks
–Table 7: IT Security Governance and IT Security Management (Adapted from Educause.edu)
Cybersecurity regulations
–Key Cybersecurity Regulations

Network security risk mitigation best practices
Layers of a computer network and classes of cyberattacks
Network security risk mitigation

Related content

Abu-Shaqra, B. (2015). Technoethics and organizing: Exploring ethical hacking within a Canadian university [Master’s thesis, University of Ottawa]. uO Research.

Abu-Shaqra, B. (2020). Technoethics and sensemaking: Risk assessment and knowledge management of ethical hacking in a sociotechnical society [Doctoral dissertation, University of Ottawa]. uO Research.

OSINT analyst competency areas

Professional ethical hacking body of knowledge

Social hacking skills

The ethics of ethical hackers

The ethics of ethical hacking

The penetration testing process

What do ethical hackers do?
