Wondering Why You Are Still N00b After Several Hacker Trainings?

Alexis Lingad
6 min readMar 27, 2024

--

Are you one of those people who are still “n00b” even though you bought a lot of hacking courses and attend several hacking trainings?
If yes, then this article is for you!

Image of my top students in my Hacker Academy at the RootCon CTF.

The new generation that is learning hacking today is very fortunate since there are lots of course material and training available for them to learn hacking legally. Well for me, 14 years ago, this is not the case. Usually, I will go to a computer shop and rent a computer for me to find some tutorials online in hacking and when I found one, few weeks later it’s already been down or seized by the authority. Teaching hacking back then is not so well-received especially in the Philippines.

Now, you may be wondering, it’s been months or years that you are taking a lot of courses and different certifications but you are still not confident in hacking. You want to know why? Here are the reasons that I discovered in observing and training these kind of people in my Hacker Academy:

  1. Addicted to Theory, Not on Practicing
    A lot of people are addicted to explore more and more. They wanted to learn a lot of things quickly as fast as they can. They finish courses or certification but after that will move on to another one without digging deeper on what has been learned. There’s nothing wrong with learning the theory and then do some labs for practice. The wrong thing in my opinion is if you allot more percentage of your time in theory instead of practicing. The golden rule is this:
    30% Theory, 70% Practice
    From this golden rule, you will learn a lot of things that you did not encounter in the theory part. You will also know yourself, your weaknesses, so you can focus more on the things that must be focused on to improve yourself. This can also build confidence to the point that if you focus on this golden rule, you will not say that you are n00b because you are confident enough with ins and outs of that specific topic.
  2. No Continuous Training
    I have these observation with companies that put their employees in a training where some employees went to a 3–5 days training and after that they expect that person to be knowledgeable on that topic. These kind of people are also the people that went to me and say they do not feel like they’re an expert or a master already of that specific topic. The problem here? The training that they had on that specific topic is just within those days but after that, they stopped.
    What I did is I put them on continuous training program where they don’t have a choice but to practice it again and again and again. Being a hacker is not just a job. It will be part of who you are, whether you are inside or outside the office, you will be a hacker. So by practicing continuously, they discovered a lot more on that specific topic and became more confident on it. Once they are confident in a specific topic then that’s the time that they can move on to a much more advance level and make this a continuous thing then you will just notice that the gap from your hacker self in Day 1 and in Day 300 is very different with lots of improvement. This is the golden rule for this:
    They say never stop learning, since we are forever students.
    For me, it is, NEVER STOP PRACTICING!

    Of course, this is up to you. Ask yourself, do you want to have the normal life everyone has but you will be a mediocre? Or do you prefer to continuously practice in exchange of knowing yourself better and become the best version of yourself?
    There’s battle in every choices.
  3. Set Up of Environment is Poor
    As much as possible, surround yourself with like minded people. It can be hard if you are surrounded with other people telling what you’re doing is wrong just because it is not the normal path. If there are no other like minded people nearby then learn how to deal with isolation. There is nothing wrong on being alone, it is just the programming of society that if you are alone then you are pitiful. They might be pitying you because you are alone in the times where they’re partying but at the end of the day, some of them might still be mediocre but you just level up and became better in real life! It’s okay to have fun though, but not to the point where you are losing your consistency and identity of who you are as a hacker. The golden rule here is this:
    Do not let the society program you. Instead, hack this program and let it work to your advantage!
  4. It’s No Fun
    When things became boring, it’s hard to get back in hacking. There are lots of ways to make hacking fun, again. Here are some suggestions but not limited to:
    - Gamify your training with some apps like Habitica where you will also find Parties that support each other to be consistent! HackTheBox can be good also since they’re gamifying the hacking in there. These things really helped me a lot to say consistent while having fun.
    - Compete in some capture the flag competitions in hacking with teammates. Although I’m not a fan of CTFs that much, I met a lot of amazing hackers in this scene that inspired me to do better.
    - Write in a journal on what are the things that you will do once you achieve your level of expertise in a specific topic in hacking. Are you using those skills to investigate the current situations of UFOs and the real reason why we’re here on Earth? Or you wanted to create your own cyber security business in the future where you’re planning to make it big? Do not limit yourself!
    - Again, reduce the theory if this makes everything boring. Go out there and hack some machines legally in some platforms or hack some real websites via some bug bounty programs. Sometimes, all it takes is to really dive in and become the hacker that you’re dreaming of.
  5. No Retention Techniques
    Sometimes, a lot of people learn hacking but after the training, it’s all gone. There are two techniques I’m using that is still effective as of to this day. One of it is I already mentioned in the past items which is continuous practice. Second is I think the most important, teaching it to others. By teaching it to others, aside from explaining the ins and outs with the theory, you will also demonstrate it again and again. When you are teaching it, you make sure and being cautious that everything you are demonstrating and presenting are correct. There was also a pyramid that I forgot what it’s called but the “Teaching to Others” is the biggest portion of it in order for you to actually learn and retain those learning in a very long time. Oh while writing this, I found that pyramid. Whether this pyramid is legitimate or not, I don’t care because for myself, it is really effective and I’m here to show you what is effective to me and to other students of mine:
Image of The Learning Theory Pyramid from VSA

Conclusion:
I hope you are having an idea now that I gave you all of the points so you can get out of that prison and fly beyond the limitation that the society programmed within you. You can be a hacker and anyone who dare to try can become one. I’m just here to tell you that there are also other people that is struggling with this problem of yours. And to get out of this kind of struggle is up to you because wherever you go, there will always be a never-ending struggle. You just need to choose the right battle to become the best version of yourself.

--

--

Alexis Lingad

CRTO | OSWP | eCPPT | eCDFP | eWPT | CEH | Author of Cyber Defender | Creator of Hackuna Anti-Hack | WTH Hacker Games Champion 2015&2017 | alexislingad.org