First, you need to learn about Pen-testing so about website hacking and PC hacking.
For website hacking I suggesting you learn PHP , HTML , ASP.NET as the SQL injections for these are quite different.
Learn SQLi , LFI , RFI , XSS in those attack vectors there are few branches such as persistent and non-persistent then in SQLi there is UNION SELECT and String and few more branches. There are other attack vectors but these are most used. It is advised to know how to use Google Search Engine such as using Google Dorks.
There are few 0days I have about FEW website servers such as apache but I never sell them I use them for reasons.
For PC hacking learn C++\C in those learn Shell-coding and also ASM x64 and x86.
The next thing is to code your own tools rather than using other people(s) hack tools as it can make you a Script Kiddie rather than elite hacker.
Of course I made a tool of mine:
This way after you make a tool you can automate your job.
Also learn to use Metasploit Tool , BackTrack and other famous Pen-testing tools as they will help you a LOT trust me.
PM me If you want it. It has few bugs but it did find few Government sites vulnerable to SQLi attack so it is good in standalone form.
EDIT: NO PROBLEM SCRIPT CODER
Other Thing Python is bad Pentesting Language as the Stub size is massive and when making Military level backdoor's , it will be a problem and yes I do make them.