Ask

Quick is a problem. Whitehat or "security researcher" are what you're looking for. Tryhackme is a good place for him to start. You can also check for a local hackerspace or makerspace, there's a good chance someone at either would be willing to help a kid out.

It really depends what the expectation is here.

On face value this wish is not different then “i want to be a doctor, marine biologist, astronaut” These things require years of professional expertise.

But does the kid really want to become an degree holding expert in a field… or do they just want to feel like what they think the job entails.

Its definitely incorrect that being a “hacker” is illegal. In many interpretations a hacker is simply someone who uses technology creatively in sometimes unintended ways. But i am assuming they mean computer hacker specifically.

My suggestion would be to start with giving the kid a laptop with linux and to follow some guides on how to use the terminal, you learn a lot about how computers work that way. There are also apps to emulate a linux terminal on a phone/tablet which can be complementary to the laptop to experiment with a small network of devices.

A starter project would be to build a bootable usb that you can plug in any laptop/pc usb port. They could use that as their personal “hacker os” that can be kept safe seperatly from their device. With this technically any wild pc with an unlocked bios can be temporarily be turned in your pc where you are admin with your tools and files where you are admin.

Another cool project they could learn is how to setup a remote connection to acces a terminal on a pc on another network (using ssh-key (secure), not passwords (insecure) it does mean someone needs to setup that pc with an open port but the first time i tunnelend into my own network this way it definitely made me feel like a hacker. And a “real hacker” would need to know those basics first anyway.

You might also want to check sdf.org they provide free unix shells and guides for all kinds of stuff.

Depending where you are in the world https://www.hackerspaces.org/ could help but be aware that "hacker" means different things to different people.

Even your local Linux user group may be able to run up a honeypot for the kid to learn how to "hack". Anything beyond that an you start getting outside the scope of white hat hacking

is illegal just to be a hacker for good

No it is not.

A white hat (or a white-hat hacker, a whitehat) is an ethical security hacker.[1][2] Under the owner's consent, white-hat hackers deliberately hack software or system with the aim of identifying any vulnerabilities or security issues it has, helping to reinforce it from black hat hackers. [3]

https://en.wikipedia.org/wiki/White_hat_(computer_security)

Sincere apologies for the person condition...

As you provided no actual points to consider important to invest much time into the answer, let's make it quick, too.

It's not illegal to be a hacker. It's illegal to implement and/or execute illegal actions via hacking, and it depends on the region in question. There are two common ways to distinguish hacker's scopes of actions: 1) team colors; 2) hat colors.

The concept of red teaming and blue teaming emerged in the early 1960s.
Source: https://en.wikipedia.org/wiki/Red_team#History

---

A white hat hacker breaks security for non-malicious reasons...
A black hat hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain"...
A grey hat hacker lies between a black hat and a white hat hacker, hacking for ideological reasons...
Source: https://en.wikipedia.org/wiki/Security_hacker#Classifications

It's impossible to "quickly" learn to be a hacker. The security subjects shift each fraction of a second, and you have to train your intuition layering it on the experience you gain from theories and practice.

Some of known ways to get in-depth are:

- 1. Public Capture-the-Flag (CTF) events as you may find at: https://defcon.org/html/links/dc-ctf.html;
- 2. Bounties, like: https://www.hackerone.com/bug-bounty-programs;
- 3. Serious contribution to open-source projects (e.g., KDE, Mozilla, programming language compilers as C++, Rust);
- 4. Contributions to dirvers/middlewares, and databases as: https://www.aircrack-ng.org/;
- 5. Contributions to exploits databases as: https://www.metasploit.com/contribute, https://www.exploit-db.com/;
- 6. Contributions to CVEs as: https://www.cve.org/ReportRequest/ReportRequestForNonCNAs;
- N. ...

In other words, you just find your love in the security subjects you consider closer to the heart, and go in deeper...
Then, you just use the tools you want to achieve the requirements:

# Let's just use the lovely Bash v5+ to get our IP addresses (no cURL etc.).
exec 3<>'/dev/tcp/ipinfo.io/80';
printf 'GET /ip HTTP/1.0\r\nHost:ipinfo.io\r\n\r\n' >&3;
while read -r l || (( ${#l} )); do
    [[ $l =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] && printf '%s\n' "$l";
done <&3;

There are relatively not serious but still options as: https://tryhackme.com/
Yet, please do consider that actual hackers do never expose their actual identities. Since, your identity is a single and permanent key to your life and your family...
Once you're in, and you become responsible for your actions, you become a loner, and not a single soul will ever support you in the very end...

The quieter you are, the more you are able to hear.
~ BackTrack Linux (by Offensive Security)

I'm no hacker, but I program off and on. If you're searching for hacking advice and hitting a dead end because of reputation stuff, look up "white hat hacking". White hat hackers are ethical hackers who look for weaknesses in software and security so they can patch defenses before people with bad intentions find them.