Where to start when it comes to cybersecurity is a topic that comes up every year. Today, I’m sharing some tips, tricks, and valuable resources that can help you get started in the field of cybersecurity.
Beginner #
Among the sites that are regularly mentioned, I highly recommend beginners to start with TryHackMe, PortSwigger, and HackTheBox. The site offers comprehensive paths with strong guidance depending on the desired discipline (Pentest, Red Team, Web, SOC, DFIR), as well as reminders on elementary concepts (Networking, System, Tools).
💸 Some training modules may require payment
- TryHackMe - Pre-Security for beginners who want to strengthen their foundations in computer science
- TryHackMe - Jr Penetration Tester to start penetration testing (Reconnaissance, Web, Network, Burp, Metasploit Privesc)
- TryHackMe - Red teaming to go further in pentesting (AD Bypass)
- PortSwigger - Academy for web security
- HackTheBox - Tracks which offers series of challenges to work on specific concepts
There are also some sites that are more suitable for those who already have some knowledge and want to try harder.
CTF-oriented #
If you’re into CTFs, here are some resources with less realistic scenarios but more focused on competitions.
- HackTheBox - Starting Point to start attacking vulnerable machines
- CTFTime which lists upcoming CTFs
- Root-Me which covers various domains and is more try-hard oriented with less instructions
- Ozint offers great challenges to practice OSINT
Finally, if you prefer video content, here are some interesting channels, including challenge solving, technical demos, interviews, and news about cybersecurity.
- WakedXY
- ProcessThief
- Khaos Farbauti Ibn Oblivion
- Noobosaurus R3x
- Hackintux
- HackinGeeK
- Pour1nfo
- HackBack
- SALTINBANK
- John Hammond 🇬🇧
- NetworkChuck 🇬🇧
Bonus #
For the bonus, here are some miscellaneous resources.
- Aperisolve to search for valuable hidden data in images
- OWASP Cheat Sheet Series super cheatsheet on web security under the OWASP banner
- TheHacker Recipes pentest cheatsheet focused on AD environments
- TheHacker Recipes - Tools companion cheatsheet to TheHacker Recipes
- Hopledge - Reflex an Offensive/Defensive cheatsheet that I maintain in my free time to help in crisis management
- DFRecipes DFIR-oriented cheatsheet maintained by my friend Pranctice
