Since I first announced the new Null Byte recognition for excellence a few weeks ago, several of you have written me asking, "How can I study for this certification exam, and what material will be covered on the exam?" Now I have an answer for you.
The White Hat Hacker Associate (CWA) will cover 14 domains or areas. Everything you need to know is here on Null Byte. There will be no questions that are not covered here on this site, guaranteed.
It's important to note that this is an entry-level certification and not a professional certification. As such, it will emphasize the basics of each of these 14 domains without going into great depth. There will not be labs on the CWA, though, there will be labs with the CWE and the CWP. The questions will be strictly multiple choice. If you know the basic concepts, you should be able to pass this exam and then begin to work your way toward the more advanced CWE and the CWP.
The 14 domains and their weight on the exam, as well as the articles you should read and know to prepare for the CWA, are:
This is probably the one area I have written the least on. The idea here is that the successful CWA needs to understand what a White Hat Hacker is and what they do. The CWA needs to understand that a White Hat Hacker may work in pentesting, information security, cyber warfare, and espionage among a number of industries. In addition, the CWA must be familiar with the hacker methodology.
To be a White Hat Hacker, there are some IT fundamentals that you must know. For instance, you need to understand the basics of Linux, networking, and TCP/IP. It's important to understand Linux, as it is the hacker platform, for good reason.
You can pick up some basic networking from the first two articles below, and some TCI/IP basics from the forensics article.
This section starts the standard hacking process, beginning with passive reconnaissance. This is reconnaissance that cannot be detected by the target. You should be familiar with Shodan and Netcraft and how to abuse DNS for reconnaissance and finally, a bit of SNMP.
Port scanning may be among one the most fundamental skills of the hacker, and Nmap may be the most fundamental tools of the hacker. The following two guides on Nmap and Hping3 should be sufficient for you to pass this section of the exam.
I have written little here on social engineering, but many of the hacks I have detailed include some measure of social engineering, such as getting people to click on a PDF, Word, or MCL file. In addition, you should be familiar with the Social Engineering Toolkit and social engineering techniques.
The CWA must understand the basics and principles of password hacking/cracking. You should read my series on password cracking and be familiar with some of the password cracking tools such as Cain and Abel, John the Ripper, Hashcat, and THC-Hydra.
Although the CWA won't go into great detail on using Metasploit, to successfully pass the CWA exam, you should understand the basic concepts and commands of Metasploit, such as what is an exploit, payload, target, LHOST, RHOST etc. I suggest you read and study the following series.
The CWA is not expected to be a cryptographer, but they should be familiar with the concepts of symmetric vs. asymmetric cryptography, PKI, hashes, etc. The test questions on the exam will be limited to the terms and concepts in the following article.
Sniffing is a rudimentary skill for both the network engineer and White Hat Hacker. To pass the CWA, you should understand what sniffing is and how to use such tools as Wireshark. Check out the following article for help on Wireshark.
Snort is the world's most widely used intrusion detection system (IDS). Understanding how it works will make you a better security engineer and hacker. The CWA will be expected to understand the basics of Snort operation and the structure of a Snort rule.
Vulnerability scanning is critical to discovering known vulnerabilities in website, applications, and operating systems. The CWA should be familiar with the concepts and limitations of vulnerability scanning. To prepare for the exam, take a look at these three articles:
SQL injection is one of the best ways for hackers to get to the hacker's pot of gold, the database. The successful CWA should understand the basics of SQL Injection and database hacking. To study for this section of the exam, check out my Hacking Databases series and the excellent article on SQL injection by Allen Freeman listed below.
Any hacker worth their salt needs to understand the basics of wireless hacking. To pass the exam, you must distinguish between the different types of wireless security (WEP, WPA, and WPA2), as well as the basic tools and techniques of wireless hacking.
To study for this portion of the exam, make sure to read:
The key things to study here are BeEF and my web app hacking series. Although the web app hacking series is far from complete (as are all my series), you will only need to understand the basics for this exam that are covered in these articles.
More advanced subject areas such as mobile hacking, Metasploit hacking, exploit development, and scripting will not be on the CWA exam, but will appear on the more advanced CWE and CWP, where the certification will require the completion of a hacking lab to show proficiency with tools and concepts.
Remember that this exam will only cover concepts and tools covered here on Null Byte, so no need to buy outside books and classes. If it is not on Null Byte, it will not be covered on the exam. Also, please remember that if you can't find an article, type the keywords in the search box up top. In addition, take a look at my article, "How to Use Null Byte to Study to Become a Professional Hacker," for some guidance on what to read and study.
You can expect the exam to be ready in either December or January, and that means plenty of time to study so that you can be among the first to be certified as a White Hat Hacker Associate!