Ethical hacking is the authorized practice of attacking computer systems, networks, and applications using the same tools and techniques as malicious hackers, with the goal of finding vulnerabilities before criminals do. Ethical hackers are hired by organizations to test their own defenses. And yes, it’s a real career with serious demand: the U.S. Bureau of Labor Statistics projects 29% job growth for information security analysts from 2024 to 2034, many times the national average. Median annual earnings for the field sit at $124,910 as of May 2024. If you want to work in cybersecurity doing some of the most technically challenging and high-stakes work available, ethical hacking is the destination.
Here’s everything you need to know about what ethical hackers do, how to become one, what they earn, and which certifications open the most doors.
What Is Ethical Hacking?
Ethical hacking, also called penetration testing or “pen testing”, is the practice of deliberately probing systems for security weaknesses, with full authorization from the organization that owns the target environment. The ethical hacker’s job is to think and act like a malicious attacker: probing network perimeters, attempting to exploit vulnerabilities, testing social engineering defenses, cracking credentials, and documenting exactly what they find so the organization can patch it before a real attacker gets there.
The key distinctions from malicious hacking:
Authorization: Ethical hackers operate under a signed scope-of-work agreement that defines what systems can be tested, how they can be tested, and what’s off-limits. Every action is legal and sanctioned.
Intent: The goal is to improve security, not to steal, damage, or disrupt. Findings are documented and reported to the organization so vulnerabilities can be remediated.
Transparency: Ethical hackers provide detailed reports to their clients. Malicious hackers hide their tracks.
The terminology you’ll encounter: “white hat” hackers are ethical hackers working with authorization. “Black hat” hackers are malicious actors. “Grey hat” hackers operate in between, sometimes exposing vulnerabilities without authorization but without malicious intent. Ethical hackers are white hats, full stop. For a deeper look at the fundamentals, see our companion post on what ethical hacking is.
What Do Ethical Hackers Actually Do?
Ethical hacking isn’t one job, it’s a set of related activities that organizations use to assess and improve their security posture. Here’s what the day-to-day work looks like across the most common engagement types:
Penetration Testing
Pen testers attempt to breach a defined target environment using real attack techniques. A typical engagement includes:
- Reconnaissance: Gathering information about the target (OSINT, network scanning, service enumeration) to understand the attack surface
- Scanning and enumeration: Using tools like Nmap, Nessus, or Nikto to identify open ports, running services, and potential vulnerabilities
- Exploitation: Attempting to use identified vulnerabilities to gain unauthorized access, using tools like Metasploit, Burp Suite, or custom exploits
- Post-exploitation: Once inside, testing how far an attacker could move laterally through the network, escalate privileges, or access sensitive data
- Reporting: Documenting every finding with evidence, risk rating, and remediation recommendations
Pen tests can focus on network infrastructure, web applications, mobile apps, cloud environments, or physical security. Specialized engagements include red team exercises (sustained adversary simulation) and purple team exercises (collaborative attacker-defender testing).
Vulnerability Assessment
Where pen testing attempts active exploitation, vulnerability assessments are more systematic surveys of known weaknesses. Automated scanning tools are heavily used. The output is a prioritized list of vulnerabilities for the security team to remediate.
Social Engineering Testing
Many breaches don’t start with technical exploits, they start with humans. Ethical hackers test employees through phishing simulations, pretexting calls, and physical access attempts to assess how well the organization’s people hold up against manipulation tactics.
Web Application Testing
Dedicated web app testers focus specifically on the vulnerabilities common in web and API environments: SQL injection, cross-site scripting (XSS), broken authentication, insecure direct object references, and the broader OWASP Top 10. Organizations with customer-facing web properties run these regularly.
The Skills Ethical Hackers Need
Ethical hacking is one of the most technically demanding specializations in cybersecurity. The skill set is broad:
Technical Skills
Networking fundamentals: TCP/IP, routing, switching, VPNs, DNS, firewalls. You can’t attack what you don’t understand architecturally. Network+ is the credential that validates this foundation.
Operating systems: Proficiency across Windows, Linux, and Unix. Kali Linux is the standard pen testing OS, it comes preloaded with hundreds of security tools. You should be comfortable in the command line before you start ethical hacking coursework.
Scripting and programming: Python is the most valuable language for ethical hackers: it’s used for automation, custom exploit development, and tool building. Bash scripting, PowerShell, and some familiarity with web languages (JavaScript, SQL) are also valuable.
Common attack tools and techniques: Metasploit, Burp Suite, Nmap, Wireshark, Aircrack-ng, John the Ripper, Hashcat, SQLMap. Ethical hackers need to know what these tools do and when to use them.
Vulnerability knowledge: Understanding how common vulnerabilities work: buffer overflows, privilege escalation paths, injection attacks, authentication bypasses, and the exploitation frameworks built around them.
Cryptography basics: Understanding how encryption works (and fails) matters for testing authentication systems, HTTPS implementations, and data protection controls.
Cloud environments: Modern organizations run significant infrastructure in AWS, Azure, or Google Cloud. Ethical hackers increasingly need cloud-specific knowledge: misconfigured storage buckets, IAM privilege escalation, container escapes.
Soft Skills
Systematic thinking: Penetration testing is methodical work. Good pen testers follow structured methodologies (PTES, OSSTMM, OWASP) and document findings with the precision that clients need.
Clear communication: Technical findings have to be translated for executives and non-technical stakeholders. A vulnerability report that only a fellow pen tester can understand isn’t useful.
Ethics and judgment: Ethical hackers have authorized access to systems that could cause real damage if misused. The professional and legal obligations that come with that access are real.
Patience and persistence: Real-world pen testing often involves hours of reconnaissance and enumeration before a single exploitable finding. The best ethical hackers are thorough, not just lucky.
How to Become an Ethical Hacker
The Typical Career Path
Most ethical hackers don’t start in penetration testing, they build toward it through a progression of IT and cybersecurity roles.
Stage 1, IT Foundation: Foundational training covering hardware, software, networking basics, and IT support fundamentals. This is the starting point for most career changers entering IT. The BLS reports median pay of $60,340 for computer support specialists as of May 2024, the job category most aligned with entry-level IT support (individual results vary based on role, experience, location, and employer).
Stage 2, Networking: CompTIA Network+ validates networking concepts: TCP/IP, routing, switching, wireless, troubleshooting. Network knowledge is foundational to understanding how attacks move through infrastructure. The BLS reports median pay of $96,800 for network and computer systems administrators as of May 2024 (individual results vary).
Stage 3, Security Baseline: CompTIA Security+ is the most widely recognized entry-level cybersecurity certification and satisfies DoD Directive 8140 requirements. The BLS reports a median annual wage of $124,910 for information security analysts as of May 2024; entry-level roles in this category typically report compensation in the $60,000 to $80,000 range (individual results vary based on experience, location, and employer).
Stage 4, Ethical Hacking Specialization: EC-Council CEH (Certified Ethical Hacker) is the gold-standard credential for penetration testing professionals. It validates knowledge of the full attack lifecycle, from reconnaissance through reporting, and is required or preferred by employers for dedicated ethical hacking and pen testing roles. MyCC is an EC-Council Center of Excellence, the highest designation for delivering the CEH program.
Stage 5, Advanced Specialization: CompTIA PenTest+, EC-Council CPENT (Certified Penetration Testing Professional), Offensive Security OSCP (OffSec Certified Professional), and GIAC GPEN are advanced credentials that pen testers pursue to deepen and demonstrate expertise.
Do You Need a Degree?
Not necessarily, and this is an important point for career changers. The majority of private-sector employers hiring ethical hackers prioritize certifications, demonstrated skills, and portfolio evidence over academic degrees. A candidate with CEH certification and a documented track record of hands-on lab work is more competitive than a candidate with a generic bachelor’s degree and no hands-on experience.
Some government and defense contractor roles do prefer or require a bachelor’s degree, and security clearance requirements can add vetting criteria. But across the broader market, certifications drive hiring decisions for ethical hacking roles.
The CEH Certification: What It Is and What It Covers
The EC-Council Certified Ethical Hacker (CEH) is the most widely recognized credential in the ethical hacking space. The current version is CEH v13, released in 2024. It covers:
- Ethical hacking fundamentals, scope, and methodology
- Reconnaissance techniques (passive and active)
- Scanning networks and identifying vulnerabilities
- System hacking: gaining access, privilege escalation, maintaining access, covering tracks
- Malware threats, ransomware, and trojans
- Social engineering tactics
- Network sniffing and session hijacking
- Web application attacks (SQL injection, XSS, CSRF)
- Wireless network security testing
- Cloud computing attacks and container exploitation
- Cryptography attacks
- IoT and OT/ICS hacking
- AI-powered attack and defense techniques (introduced in v13)
CEH Exam Format: 125 multiple-choice questions; 4 hours; passing score varies by exam form (approximately 70 to 85%); proctored through EC-Council or Pearson VUE testing centers.
CEH Eligibility: Candidates must either have two years of work experience in information security or complete an official EC-Council training program before sitting for the exam. MyCC’s program satisfies the training pathway requirement.
CEH Renewal: 120 Continuing Professional Education (CPE) credits required within three years, earned through training, conferences, research, publications, and other approved activities.
What Do Ethical Hackers Earn?
Ethical hacking and penetration testing roles are among the highest-compensated technical specializations in cybersecurity. Compensation varies by role, experience, and certification level (individual results vary based on role, experience, location, and employer):
| Role | Typical Salary Range |
|---|---|
| Security Analyst (Entry-Level) | $55,000 – $75,000 |
| Junior Penetration Tester | $70,000 – $95,000 |
| Penetration Tester (Mid-Level) | $90,000 – $130,000 |
| Senior Penetration Tester | $120,000 – $160,000 |
| Red Team Lead | $140,000 – $185,000 |
| Security Consultant (Independent) | $150,000 – $250,000+ |
The BLS reports a median annual wage of $124,910 for information security analysts as of May 2024, a category that encompasses penetration testers and ethical hackers. The top 10% of earners in this category exceed $186,420 per year.
Factors that increase ethical hacker compensation:
CEH certification: Certified ethical hackers consistently command higher salaries than uncertified analysts in equivalent roles. According to CompTIA’s workforce research, certifications directly correlate with compensation increases throughout the cybersecurity career path.
OSCP (Offensive Security Certified Professional): Considered the most respected hands-on pen testing credential in the industry. OSCP holders often command a premium over CEH-only certified candidates because the exam requires proving exploitation skills in a live environment over 24 hours.
Security clearance: In the D.C./Northern Virginia corridor and defense contracting environments, cleared ethical hackers earn 15 to 30% above uncleared counterparts in equivalent roles. MyCC students with military backgrounds often already have clearance eligibility.
Specialization: Cloud pen testing, red teaming, industrial control system (OT/ICS) security, and application security are specialized sub-fields that command premium compensation.
Location: Washington D.C., San Francisco, Seattle, and New York pay above national median. Remote roles tied to high-paying employers often maintain those salary rates.
Building Hands-On Skills
Ethical hacking skill development requires hands-on practice. Theoretical knowledge alone isn’t enough, and employers know it. MyCC’s training in the Cybersecurity Specialist (CSS) and Cybersecurity Engineer (CSE) programs includes structured lab work aligned to CEH objectives, which is one of the reasons the school carries EC-Council’s Center of Excellence designation.
For candidates who want to supplement their training, the tools below are industry-standard and widely used in professional pen testing:
Core tools to learn: Kali Linux (the standard ethical hacking OS, pre-loaded with hundreds of pen testing tools); Metasploit Framework (widely used exploitation framework); Burp Suite Community Edition (web application testing proxy); Wireshark (network packet analysis); Nmap (network scanner and service detection).
Practice environments: DVWA (Damn Vulnerable Web Application), a deliberately insecure web app for practicing web attacks in a legal environment; Metasploitable, a deliberately vulnerable Linux VM for practicing exploitation.
Consistent tool proficiency is what separates candidates who understand ethical hacking conceptually from those who can actually perform it in an employer interview or on the job.
FAQ: Ethical Hacking
Is ethical hacking a good career in 2026 and beyond?
Yes, strongly. The BLS projects 29% growth for information security analysts from 2024 to 2034, many times the national average. Penetration testing and ethical hacking roles are among the highest-demand and highest-compensated specializations within that growth. The talent gap between open positions and qualified candidates consistently favors people with verified skills and certifications.
What certifications do I need to become an ethical hacker?
Most ethical hackers build toward the role through foundational IT training, then CompTIA Network+ and Security+, then specialize with EC-Council CEH. Advanced pen testers add OSCP (Offensive Security), CompTIA PenTest+, or GIAC GPEN. The CEH is the most widely recognized entry point for dedicated ethical hacking roles, and MyCC is an EC-Council Center of Excellence for delivering CEH training.
Can I get into ethical hacking without a degree?
Yes. Most private-sector employers prioritize certifications, demonstrated skills, and documented hands-on lab work over academic credentials. Some government and defense positions prefer a degree, but across the broader market, CEH certification and practical skills drive hiring decisions.
How hard is the CEH exam?
The CEH is challenging. It covers a wide range of topics, 20+ domains across the full attack lifecycle, and requires understanding not just the concepts but the specific tools and techniques used in real pen testing. Candidates who come in with Security+ knowledge and hands-on lab experience are better positioned than those starting from zero. MyCC’s program is designed to prepare candidates through structured content and lab work, not just exam prep.
What’s the difference between CEH and OSCP?
CEH is a knowledge-based certification, it tests conceptual understanding of ethical hacking through multiple-choice questions. OSCP is a performance-based certification, you have 24 hours to compromise a set of vulnerable machines in a live lab environment. OSCP is generally considered harder and more respected by working pen testers. CEH is more widely required in job postings, particularly for government and enterprise roles. Many ethical hackers pursue CEH first, then OSCP.
What does a typical day look like for an ethical hacker?
It depends on whether you’re on an internal security team or a consulting firm. Internal ethical hackers often divide time between scheduled assessments, vulnerability management, and tool development. Consultants move between client engagements, each one scoped, executed, and reported within a defined timeline. Either way, expect significant time in documentation and reporting: a finding no one understands doesn’t help anyone.
Bottom Line
Ethical hacking is one of the most technically demanding and financially rewarding specializations in cybersecurity. The BLS projects 29% job growth from 2024 to 2034. Median compensation sits at $124,910, with penetration testers and red team leads reporting compensation of $130,000 to $185,000, according to labor market data (individual results vary). And the work is genuinely complex, which is exactly why qualified ethical hackers are in short supply and high demand.
The path in doesn’t require a computer science degree. It requires the right certifications, Security+ to establish the baseline, CEH to specialize, combined with real hands-on skill development. MyCC is an EC-Council Center of Excellence, and its programs are specifically designed to take candidates from IT foundation to ethical hacking readiness in a structured, accelerated sequence.
If you want to understand what your specific path into ethical hacking looks like, based on your current background, timeline, and goals, MyCC’s free evaluation can map it out for you.