For the sake of defining your terms even though they were mostly examples.
Trojan horse. Program with ill intent that you slip into a system traditionally via deception of the operator* (like the trojan horse of myth). This might be contrasted to a virus which is both self replicating and might only rely on failures of software security rather than user error/gullibility.
Backdoor. Computer security is actually not that hard to do well, or at least make life really difficult for hackers. To that end support might include a back door -- if you have ever tried to get say your grandma to get the router configuration password when she does not even know what a router is... to that end the ISP that provides it often has an account baked in for the support team to use to change things. Governments might also lean on software providers to leave in a backdoor for their spies and police to use. Both are generally considered bad form both from a liberty perspective and a security one as backdoors rarely stay secret for long.
*see also social engineering. I am very good at security, have some serious maths skills, have read many books from
https://www.schneier.com/books/ (for many one of the foremost authorities on cryptography and security in the world) and his blog for many years now. I could use all those over the course of a long time to break into said grandma's router to steal her credit card, or alternatively I could take far less time to call said grandma up, in my best posh English accent say I am from the ISP and we have detected a problem and get her to read the various passwords from the internet box. Doesn't have to be grandma either (
https://www.youtube.com/channel/UCm22FAXZMw1BaWeFszZxUKw ) -- works just as well on supposed switched on CEOs (see spear phishing). If you want a book from one of the foremost social engineers out there then
https://www.mitnicksecurity.com/ghost-in-the-wires (ghost in the wires by Kevin Mitnick).
Hats then. There are traditionally three.
Black hat hackers. Operate without real regard for the law or necessarily what damage they cause. Black hat is also the name of one of the top computer hacking/security conferences but more on those later.
White hat hackers. Operate within the general remits of the law (sometimes laws are bad and written by clueless old people 50 years ago) and are concerned with damage they cause or could cause if they revealed their findings to the public or as part of their actions, and usually are what people tap to make sure they are secure. For many this is the harder route as you are more limited, and it is generally harder to defend than attack (attacker only has to succeed once, defender every time).
Grey hat hackers. Blend of the two.
As an example of the mindset. So you are a hacker tasked with boosting a website for someone (SEO optimisation is a scam, hacking is not). White hat would do all the nice things that a competent SEO would do, check security and advise on making site nicer for users. Black hat might do all that but also realise that setting up spam sites for the rival companies to make search engines be all "ew they are littered with spam, derank" or indeed "ew they are using spam for their site to try to boost rankings, derank") and go in for that, as well as general hacking on the rivals and thus we have black hat SEO methods.
Red hat is a type of Linux.
https://www.redhat.com/en
You might also see "red team" and "blue team". Red team is those hackers that are hired to try to infiltrate a company/system (typically by said company or one of their bosses) where blue team is those hackers that try to defend a system.
ROM hacking. This is the act of taking games, pulling them apart to see what makes them tick and changing things to be closer to your/your client's liking. The above stuff is way more prominent in PCs, mobile phones, websites and the like where ROM hacking is concerned with games. Somewhat different set of skills to the other things mentioned as well -- there are very few cases where deep knowledge of databases, web scripting and server configuration will be helpful as a ROM hacker (even fewer if you take out MMORPGs -- World of Warcraft quite famously used a database language mysql, which those doing private servers would do well to be able to handle, unless you are coding tools to handle things, usually translations, then no benefit at all to knowing that to handle games from the vic20 up to the 3ds really). As a ROM hacker you would do better to straddle ROM hacking itself (usually data representation, the link in my signature covering mostly that really), programming for games which is its own discipline compared to other things and game design (
https://docs.google.com/document/d/1iNSQIyNpVGHeak6isbP6AHdHD50gs8MNXF1GCf08efg/pub?embedded=true and see what you like on AI videos and how AI works in games. If I am suggesting more books then before you get any other on this list then
https://mitpress.mit.edu/books/characteristics-games , though I have to warn you that knowing game theory/design will break games for you and result in you being "that guy" at parties when someone wants to play a new board game,
video that serves a bit of a primer and they have some other good stuff as well).
I will also note there is very little overlap between ROM hacking and those that hack the consoles in the first place to allow custom code to run and thus open the door to ROM hacking.
Not all hackers are computer experts. It is really not hard to run a lot of premade scripts from
https://www.metasploit.com/ with something like
https://www.kali.org/ or indeed even do a humble port scan
https://nmap.org/ or basic packet analysis
https://www.wireshark.org/
There are a lot of "red team" positions in various companies that will hire you basically off the street to do the above. Similarly if you come to them with other skills -- all the computer security in the world does not amount to much when the local crackhead kicks down your door and steals the server so if someone on the team is good at physical security (ex military and ex police usually providing most of these types) but can barely type an email then they might still be among the more valued members of said team.
By similar token most of hacking prevention is just good system administration and that is not the same as programming either (
https://nordpass.com/most-common-passwords-list/ ), change defaults and do basic due dilligence as far as locking down things to that which you need and limiting access within that to what which each user needs and you will be way ahead of most.
Hacking itself is not really taught in schools (some places claim to teach "ethical hacking", basically analogous to the white hat stuff above, and while they are not all scams that teach you nothing of great merit then maybe 95% of them are, and most of the good ones are postgraduate courses) and worse still is school is all about beating that hacker mindset out of you just as it aims to beat all creativity and inquisitive nature out of you and make you a nice little worker drone.
It is actually a real problem for governments and corporations and they have to bend over backwards to recruit hackers.
related. I don't necessarily agree with all of this but it is a good start for some things.
Conferences are also great things to learn from. C3, defcon, black hat being the big three but there dozens more.
I linked a bunch in
https://gbatemp.net/threads/console-software-vulnerability-exploits-study.611672/
Most of their modern talks will have videos, and youtube channels.
https://www.youtube.com/user/ChRiStIaAn008 has a lot of older stuff.
For the sake of something a bit different though but still well within the hacker mindset
Have fun. What to focus on is entirely up to you to figure out. You could go with what you like (there is a reason I have said very long document on ROM hacking), you could go with what makes you (legitimate) money (I mentioned red team and blue team, indeed the last two videos are from one of the foremost red team players), you could go with what you find useful, you could go with what you find interesting. With a marginal exception for some of ROM hacking (which would still have you at a disadvantage) then you will probably want to learn some programming
http://programming-motherfucker.com/ for a more video approach. If you want to get really into the weeds of finding exploits then that tends to also mean serious programming skills but there are plenty of other things available.
