How long does it take to become an ethical hacker in India?

Realistic timeline: 12-18 months of focused effort from zero to first ethical hacking job. Breakdown: 3 months for networking + Linux foundations, 2 months for Security+ cert, 4-6 months for CEH + hands-on training, 2-3 months for OSCP if pursuing, 2-3 months for portfolio + job applications. Aggressive timelines under 12 months rarely produce job-ready candidates — the field requires hands-on muscle memory that takes time to build.

Can I become an ethical hacker without a degree in India?

Yes — the field is famously credential-flexible vs degree-flexible. Most Bangalore pen-test JDs say 'graduation any stream' rather than 'CS degree'. About 35% of our pen-test alumni came from non-IT branches (Mechanical, EEE, BCom, BBA). What matters more than degree: certifications (Security+, CEH, OSCP), CTF profile (TryHackMe, HackTheBox rank), bug bounty track record, and demonstrated lab/internship experience. A degree helps for HR system filtering at IT services giants but isn't the determining factor at product companies and specialised cybersec firms.

What's the salary of an ethical hacker in India?

Wide range by experience and certifications. Fresher (0-1 yr): ₹4-7 LPA without OSCP, ₹7-10 LPA with OSCP + portfolio. Mid-level (2-5 yr): ₹8-15 LPA. Senior (5-10 yr): ₹15-25 LPA. Specialised (red team lead, exploit developer): ₹25-40 LPA. Top freelance/consulting + bug bounty earners: ₹40-70 LPA. Bangalore commands 15-25% premium over other Indian metros for pen-test roles.

Should I take CEH or OSCP first?

CEH first if you're a fresher — it's recognised globally by HR systems and a common minimum requirement. CEH costs ₹100K (~$1,199) and is multiple-choice. OSCP later — it's the gold standard for hands-on pen-test skills but costs ₹135K+ (~$1,599) and has a 24-hour practical exam. Most senior Bangalore pen-testers have both. Don't skip CEH thinking 'OSCP is enough' — it'll pass you over for HR filters at IT services giants. Take CEH for credential, OSCP for skill.

Is ethical hacking legal in India?

Yes, with explicit written authorisation. The IT Act 2000 + Information Technology Rules 2011 govern this. Authorised activities (legal): pen-testing your employer's systems with written scope, bug bounty program submissions for registered programs, CTF challenges on dedicated platforms, penetration testing your own systems. Unauthorised activities (illegal, criminal liability): testing systems you don't own, exploiting bugs in production without authorisation, even 'helpful' unauthorised disclosures. Always get authorisation in writing before any testing — this is non-negotiable for the profession.

Can I become an ethical hacker while studying in college?

Yes — and it's the optimal time. Final-year + first-job freshers have the best ROI on time invested. Start with: free resources (TryHackMe, OverTheWire wargames), Security+ during 3rd-4th year semester break, CEH or hands-on training before graduation, internship in 7th-8th semester at a security firm. By graduation: cert + portfolio + internship → ₹6-10 LPA fresher offers possible. Most successful young Bangalore pen-testers we've placed started in their 3rd year of college.

2026 EDITION · 8-STEP ROADMAP · 12-18 MONTHS · INDIA

How to Become an Ethical Hacker in India 2026

Step-by-step roadmap from zero to first ethical hacking job in India — 12-18 months of focused effort, ₹1.5L-2L total investment in courses + certs, ₹4-22 LPA salary band depending on certs + experience. Covers prerequisites (networking, Linux, Python), certification ladder (Security+ → CEH → OSCP), portfolio building (TryHackMe, HackTheBox, bug bounty), and Bangalore/India hiring landscape.

Curated by Vikas Swami (Dual CCIE #22239) — 18 years of training and placing ethical hackers at Bangalore product companies, IT services giants, and specialised cybersec firms.

8-Step Roadmap to Become an Ethical Hacker

Step 1 — Build Foundations (Months 1-3): Master networking (CCNA-level) + Linux. Without these, ethical hacking content makes no sense. CCNA: 1 month, ₹12,390. Linux: free resources (Linux Journey, OverTheWire).
Step 2 — Learn Programming Basics (Months 2-4): Python is non-negotiable. Cover: requests, BeautifulSoup, scapy. Bonus: Bash + JavaScript for web app testing.
Step 3 — Get CompTIA Security+ (Months 3-5): ₹33K, 6-8 weeks prep. Industry baseline — HR systems filter on it.
Step 4 — Master CEH or Hands-On Pen-Test (Months 5-9): CEH v13 (₹100K, credential-focused) OR Networkers Home 8-month flagship (CEH-aligned + real lab + paid internship). Most do both for combo.
Step 5 — Build Portfolio on TryHackMe + HackTheBox (Months 6-12): Aim for: 50+ TryHackMe rooms ('Hacker' rank), 10+ HackTheBox boxes pwned. Document write-ups on personal blog/GitHub.
Step 6 — Pursue OSCP (Months 12-18): ₹135K+, 24-hour practical exam. Most respected hands-on cert globally. Required for mid-senior pen-test roles in India.
Step 7 — Bug Bounty Practice (Months 9+): HackerOne, Bugcrowd, Synack. Even ₹0 payouts build credibility. Top Indian bounty hunters earn ₹15-30 LPA from bounties alone.
Step 8 — Apply + Land First Pen-Test Job (Months 12-18): Target Junior Pen Tester / Security Analyst / VAPT Engineer roles. Bangalore companies: Paladion, Aujas, Wipro Cyber, TCS Cyber, Accenture Security, Razorpay, Cred. Expected: ₹5-10 LPA fresher with cert + portfolio; ₹10-15 LPA with verified internship + OSCP.

Salary Expectations by Experience

Stage	Years	Common Roles	Salary (₹ LPA)
Fresher (no cert)	0	SOC L1, Junior VAPT trainee	₹3.5-5
Fresher (Security+ + portfolio)	0	Junior Pen Tester	₹4-7
Fresher (CEH + verified internship)	0	Junior Pen Tester / VAPT Engineer	₹6-10
Junior + OSCP	1-2	Pen Tester	₹8-12
Mid-level	2-5	Senior Pen Tester, VAPT Lead	₹10-18
Senior	5-10	Red Team Lead, Exploit Developer	₹18-30
Specialised / Lead	10+	CISO, Practice Lead, Researcher	₹30-50+

Skip the trial-and-error path

Our 8-month flagship integrates all 8 steps with structured curriculum, real lab access, paid internship, and 100% placement guarantee. 18 years of refinement; 45,000+ alumni placed.

Free Career Consultation View Ethical Hacking Course

8-Step Roadmap to Become an Ethical Hacker

Salary Expectations by Experience

Skip the trial-and-error path

Certifications We Prepare You For