Getting Started and other Resources

TryHackMe

A great place to start is TryHackMe. I can't recommend it enough. It's a resource that has a lot of free rooms and paths, as well as CTF's(Capture The Flag) for hands on learning. If you want to upgrade is very affordable and unlocks a lot more. First is the Complete Beginner path. This will cover how to get started using TryHackMe, their VPN or in browser machine.

There is a good path called Pre Security. This will go over intros to Offensive and Defensive Security, various Careers within CyberSec, and more. Overall TryHackMe if a great place to start as it is hands on. It allows you to use your own VirtualMachine (VM) or if you don't have that ability or don't know how to yet, you can use their in browser machine to do everything from.

If you would like to know more on setting up VMs, I have guides here.

My recommendations for beginner TryHackMe modules are:

HackTheBox

HackTheBox is a great hands-on learning place to go after you feel comfortable with what you have learned from TryHackMe. Though this is geared more toward Offensive security, they do have a smaller handful of Defensive Security. It is free, but they also offer paid versions to get more access. They have more CTFs but also offer their learning platform HackTheBox Academy.

Similar to TryHackMe you can run it in your own VirtualMachine(VM) or they offer an in browser machine to use as well. A great place to start here is Starting Point, as it covers the basics and getting started. Then after that they have Tracks, such as the Beginner Track, that is for easy machines. They also offer Official Write-ups of the machines if you need help or get stuck, as well as their forums and a discord channel.

TCM Academy

TCM Academy is a great place as well as the options are affordable for their courses and they offer some hands-on training to get their industry recognized certifications. Offering Live-Trainings and a great community discord.

Lets Defend

Lets Defend is more for the hands-on learning Defensive side of things. They offer free plan as well as paid ones to get more access. A list of their trainings can be found here as well as their own CTFs here. I haven't used much of this myself BUT I have heard great things and it's been recommended a lot.

CTFs

There are plenty of CTFs out there but some range from beginner to advanced. These are very nice and helpful for hands on as well as learning. When it comes to a CTF the objective is to of course, Capture The Flag, but it's more important to make sure you learn. Understand the tactics and techniques you're using and learning. Other than just TryHackMe or HackTheBox here's some additional CTFs to get started with as well:

Learning Resources

There are a lot of learning resources out there and some are free, some paid, some subscription based. Here are some I know of, use some I use, and others that that are helpful overall.

Attacking/Defending Cloud

Hands-On

People(Videos and channels)

Videos/Courses

Keeping Up with Cyber/Info Sec

There's multiple ways to do this, I have my recommendations over in the CyberSec News section of this.

Additional

Additional resources thanks to: 7h3h4ckv157 and danielmakelley. Twitter list here

Last updated