Getting Started and other Resources
Last updated
Last updated
A great place to start is . I can't recommend it enough. It's a resource that has a lot of free rooms and paths, as well as CTF's(Capture The Flag) for hands on learning. If you want to upgrade is very affordable and unlocks a lot more. First is the Complete . This will cover how to get started using TryHackMe, their VPN or in browser machine.
There is a good path called . This will go over intros to Offensive and Defensive Security, various Careers within CyberSec, and more. Overall TryHackMe if a great place to start as it is hands on. It allows you to use your own VirtualMachine (VM) or if you don't have that ability or don't know how to yet, you can use to do everything from.
If you would like to know more on setting up VMs, I have .
My recommendations for beginner TryHackMe modules are:
is a great hands-on learning place to go after you feel comfortable with what you have learned from TryHackMe. Though this is geared more toward Offensive security, they do have a smaller handful of Defensive Security. It is free, but they also offer paid versions to get more access. They have more CTFs but also offer their learning platform .
Similar to TryHackMe you can run it in your own VirtualMachine(VM) or they offer an in browser machine to use as well. A great place to start here is , as it covers the basics and getting started. Then after that they have Tracks, such as the , that is for easy machines. They also offer Official Write-ups of the machines if you need help or get stuck, as well as their forums and a discord channel.
There are plenty of CTFs out there but some range from beginner to advanced. These are very nice and helpful for hands on as well as learning. When it comes to a CTF the objective is to of course, Capture The Flag, but it's more important to make sure you learn. Understand the tactics and techniques you're using and learning. Other than just TryHackMe or HackTheBox here's some additional CTFs to get started with as well:
There are a lot of learning resources out there and some are free, some paid, some subscription based. Here are some I know of, use some I use, and others that that are helpful overall.
is a great place as well as the options are affordable for their courses and they offer some hands-on training to get . Offering and a great community discord.
is more for the hands-on learning Defensive side of things. They offer free plan as well as paid ones to get more access. A list of their trainings can be found as well as their own CTFs . I haven't used much of this myself BUT I have heard great things and it's been recommended a lot.
(AWS and Azure)
(Azure)
<-- CTF and Courses
<-- CTF and Courses
- Online learning courses
- Download Vulnerable VMs to run and attack
<-- Downloads VMs to attack
<-- Downloads VMs to attack
<-- CTF
<-- CTF
<-- CTF
- Itβs not quite a course, but has a ton of educational content on cloud pentesting. Leans more toward AWS.
There's multiple ways to do this, I have my recommendations over in the section of this.
Additional resources thanks to: and .