Recommended Learning Path for Beginners Nobody is born with knowledge of any of this material. If you encounter someone very skilled, know that they've likely been practicing for a long time. It didn't come to them overnight, I can promise you.
It may seem like there's a mountain of materials to learn. There are no shortcuts, so try to enjoy the climb. As long as you keep learning a little bit at a time, you will learn enough that more things will start making sense. The investment of your time will be worth it.
ℹ️
You do not need to be an expert in all of these domains. The idea is to build confidence with a broad understanding of these topics.
⚠️
If English is not your native language, you might consider slowing the video speed and enabling subtitles (if available), as some of the speakers may talk a bit quickly.
Systems Administration 1. Foundational Knowledge 💡
Highly Recommended Viewing
This is a series of brief videos that will introduce you to the technical metamorphosis of computers and their various parts. Very good stuff!
VIDEO 13:35 VIDEO 12:16 VIDEO 12:02 VIDEO 11:23 VIDEO 12:58
2. Interactive Introduction to Computer Systems Go through a gamified and engaging series of lessons that will introduce you to the hardware and software aspects of computer systems.
Introduction to IT | Codecademy
Take your first steps into the world of IT, or Information Technology! Introduction to IT will teach you about core IT subjects.
3. Systems Administration Crash Course by Google VIDEO Playlist VIDEO Playlist
4. Introduction to Virtual Machines and VirtualBox VIDEO 15:34
5. If You Want to Go Further... ⚠️
These are optional additions to the learning path
Computer Networking 1. Foundational Knowledge Here you will be introduced to the history and metamorphosis of the technology that makes up computer networks and the larger Internet.
VIDEO 12:19 VIDEO 11:57
2. Complete Networking Course by Google VIDEO Playlist
3. Hands-On Networking Labs with GNS3 Labs | Pacific Cybersecurity
I'd recommend doing the lab in this order as some of the concepts may be difficult for complete beginners:
Steps 1, 2, 3 Then, steps 6, 7, 8, 9 If you're feeling ambitious, you could do the entire lab, but there are some concepts that may be best saved for later.
4. If You Want to Go Further... ⚠️
These are optional additions to the learning path
Professor Messer's Network+ Videos Please Note!
This is not a recommendation to get the certification unless needed for a job! The networking course by Google linked above should cover almost everything you need to know.
Professor Messer's Network+ Training Videos
Web 1. Foundational Knowledge Here, you will be introduced to the history and metamorphosis of the technology that makes up the World Wide Web.
VIDEO 11:36
2. How DNS Works The Domain Name System (DNS) is a core component to the functionality of the web and web servers.
VIDEO 6:04
3. HTTP and HTML 101 HTTP is the protocol used between web browser and web servers to transfer data back and forth. HTML is the markup language that instructs browsers on how that data should be displayed on the page.
VIDEO 7:06
4. Learn About the Web Interactively While TryHackMe is a cybersecurity training platform, this free module is an informational module that will help you learn about the web technologies in a gamified manner.
TryHackMe | Web Fundamentals
Learn how the web works!
Programming 1. Foundational Knowledge Here you will have the opportunity to learn about the fundamental concepts in programming in a gamified manner. This entire module is interactive, so take it in small chunks at a time and have fun with it.
Learn How to Code | Codecademy
New to coding? Start here and learn programming fundamentals that can be helpful for any language you learn.
2. Learn PowerShell Interactively ℹ️
Shameless plug, this is a PowerShell series written by me
This is a mini-series on my blog that will introduce you to programming fundamentals with PowerShell. PowerShell makes a great introductory language if you have a Windows computer, cause you can just get started without having to install any additional software packages.
PowerShell as Your First Programming Language
In this post, I discuss why PowerShell makes a great first programming language
3. Learn Python Interactively This is a very high-quality, free course on Udacity which will take you through the fundamentals of programming with Python. If you pick up here after my PowerShell course, you'll see a lot of the same concepts, just different ways of doing them with Python.
Free Intro to Python Course | Free Courses | Udacity
Take Udacity’s free Intro to Python course, designed for beginners, and get an introduction to programming and the Python language. Learn online with Udacity.
4. A Deeper Look into Programming While this course is not interactive in nature, it is free and VERY informative. You'll gain a better understanding of computer numbering systems and the ways programs can control hardware, networking, and more.
🔗
https://www.udemy.com/course/programming-101/
Systems Administration Resources Core Systems Concepts Storage CPU Memory Boot procedure System internals Core directories Filesystem hierarchy Windows Registry Event and audit logs
Terminals Linux Windows PowerShell cmd.exe (Legacy)
Common Command Line Operations Create, delete, modify files and directories
ls
, mkdir
, cd
, touch
, nano
, cp
, mv
, rm
, vim
, Get-ChildItem
, New-Item
, Copy-Item
, Move-Item
, Rename-Item
, Remove-Item
Manipulating file contents and text streams
grep
, cat
, sed
, awk
, tr
, cut
, paste
PowerShell: -split
, -replace
, -join
Managing processes and services
ps
, kill
, systemctl
, service
, strace
, Get-Process
, Stop-Process
, Get-Service
, Stop-Service
, Restart-Service
Installing and uninstalling packages
apt
, yum
, pkg
, pacman
, zypper
, winget
, Install-Package
, Uninstall-Package
Downloading files and interacting with the web
wget
, curl
, Invoke-WebRequest
, Invoke-RestMethod
, [System.Net.WebClient]::DownloadFile()
Cheat Sheets tldr InBrowser.App
tldr InBrowser.App is an offline-capable PWA for tldr-pages. Fully runs in your browser. Zero API latency.
explainshell.com - match command-line arguments to their help text
match command-line arguments to their help text
PowerShell Commands Library | PDQ
We’re passionate about PowerShell. We believe it’s quickly becoming a necessity for carrying out day-to-day systems administrative tasks. To help our users write scripts to automate their daily work, we’ve compiled a list of common PowerShell commands.
PowerShell commands - PowerShell - SS64.com
Linux, Bash, and System Administration Cheat Sheet
cheat sheet for Linux/Bash/System Administration
Crontab.guru - The cron schedule expression editor
An easy to use editor for crontab schedules.
Free Systems Training Hands-On Labs Proxmox VE 7: Converting a Laptop into a Bare Metal Server
In this post, we will take a look at an in-detail process of setting up a Proxmox home lab on a bare metal server.
Building a Security Lab in VirtualBox
In this post, we we will take a look at an in-detail process of setting up an entry-level cybersecurity lab using VirtualBox
Linux Linux Server Management and Security
Offered by University of Colorado System. Whether you are accessing a bank website, Netflix or your home router, chances are that your ... Enroll for free.
GitHub - trimstray/test-your-sysadmin-skills: A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A. - GitHub - trimstray/test-your-sysadmin-skills: A collection of Linux S...
Windows Windows Server deployment, configuration, and administration - Training
Windows Server deployment, configuration, and administration
General Systems Overview GitHub - kahun/awesome-sysadmin: A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.
A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP. - GitHub - kahun/awesome-sysadmin: A curated list of amazingly awesome open source sysadmin resources ins...
GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other resources
A collection of awesome security hardening guides, tools and other resources - GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other reso...
Networking Resources Core Networking Concepts
IP Configuration ip address
, ip neighbor
, ip link
Get-NetAdapter
Get-NetIPConfig
or ipconfig
Get-NetIPAddress
Get-NetNeighbor
IP Subnet Calculator
Host Discovery
Packet Capture and Analysis Wireshark and tshark
tcpdump
Sockets netcat
or nc
socat
netstat
or ss
DNS Troubleshooting nslookup
or dig
/etc/resolv.conf
Resolve-DnsName
Get-DnsClientServerAddress
Get-DnsClientCache
DNS Dumpster MXToolbox
Remote Connectivity OpenVPN Wireguard IPsec ssh
scp
plink.exe
Firewalls
Proxies
Free Networking Training Hands-On Labs Labs | Pacific Cybersecurity
VIDEO
NAT VIDEO
Subnetting Quick Subnetting - All in your head!
This probably isn’t new for most of you guys, but I thought I’d share what my book taught me. It makes subnetting quick and easy to figure out in seconds.
DNS VIDEO
Encapsulation What is the OSI Model? Computer Networking for Beginners
In this article, you will learn about the core concepts of the Open Systems Interconnections (OSI) model in a simple and easy way. As a developer, it’s a good idea to learn how things work “under the hood”. That way you understand what your code and the tools you use
Proxies
Cryptography VIDEO
Tor VIDEO
General Networking Overview Computer Networking: a Top Down Approach
Check out the links under the "Resources (for everyone)" tab Networking for Web Developers | Free Courses | Udacity
Take Udacity’s Networking for Web Developers course and learn how the internet works. Explore the underpinnings of the net with tools like traceroute, tcpdump, and nc.
Computer Networking | Free Courses | Udacity
Sign up for Udacity’s Computer Networking course, an advanced Computer Networking program that delves into the latest concepts and tools used by the CN industry.
Well-Known TCP/IP Port Numbers, Service Names & Protocols [Comprehensive Reference]
A comprehensive list of commonly used network port numbers and a description of service provided by each.
GitHub - nyquist/awesome-networking: Curated list of awesome computer networking resources
Curated list of awesome computer networking resources - GitHub - nyquist/awesome-networking: Curated list of awesome computer networking resources
GitHub - friskfrysefrugt/awesome-networking: A curated inexhaustive list of network utilities
A curated inexhaustive list of network utilities. Contribute to friskfrysefrugt/awesome-networking development by creating an account on GitHub.
Web Resources Core Web Concepts HTTP methods and headers Web servers Proxies Directories and files HTML CSS JavaScript Databases Inputs and parameters
CLI HTTP Clients curl
wget
Invoke-WebRequest
Invoke-RestMethod
DOM Inspection Browser developer tools (F12 key) Content Discovery Brute Force HTTP Proxies Web Stack Analyzers
Free Web Training Web Development Learn HTML | Codecademy
Start at the beginning by learning HTML basics — an important foundation for building and editing web pages.
HTML & CSS Courses & Tutorials | Codecademy
HTML is the foundation of all web pages. It defines the structure of a page, while CSS defines its style. HTML and CSS are the beginning of everything you need to know to make your first web page! Learn both and start creating amazing websites.
Learn JavaScript | Codecademy
Learn how to use JavaScript — a powerful and flexible programming language for adding website interactivity.
Learn SQL | Codecademy
In this SQL course, you’ll learn how to manage large datasets and analyze real data using the standard data management language.
Learn Node.js | Codecademy
Learn about the different components of a web application’s back-end and explore the Node.js JavaScript runtime environment.
Web Server Administration GitHub - trimstray/nginx-admins-handbook: How to improve NGINX performance, security, and other important things.
How to improve NGINX performance, security, and other important things. - GitHub - trimstray/nginx-admins-handbook: How to improve NGINX performance, security, and other important things.
Web Security Web Security Academy: Free Online Training from PortSwigger
The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.
OffSec’s Exploit Database Archive
The GHDB is an index of search queries (we call them dorks) used to find publicly available information, intended for pentesters and security researchers.
Search Engine Cheat Sheets Google Search Operators: 40 Commands to Know in 2023 (Improve Research, Competitive Analysis, and SEO)
Google search operators are your secret tools to get enhanced info you can use for SEO, content research, & more. Get the full list here!
General Web Overview The Web In Depth
Hacker101 is a free class for web security. Whether you’re a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you.
HTTP request methods - HTTP | MDN
HTTP defines a set of request methods to indicate the desired action to be performed for a given resource. Although they can also be nouns, these request methods are sometimes referred to as HTTP verbs. Each of them implements a different semantic, but some common features are shared by a group of t…
List of HTTP header fields - Wikipedia
Programming Resources Core Programming Concepts Object-oriented programming (OOP) Data types Variables Flow logic (if/else) Loops Functions Source code review Modifying exploits
REPL
R ead
An interpreter reads your input
E valuate
An interpreter executes (evaluates) your instructions
P rint
An interpreter prints any output or errors
L oop
An interpreter loops back to repeat the process
Programming Languages with a REPL:
Python PowerShell JavaScript (Node.js) 💡
Learning to code first with a REPL as a beginner can be highly beneficial, as you can run and change your code on the fly without waiting for a compiler or debugger, so you get instant feedback on your input
Free Programming Training Compiled & Scripting Languages VIDEO Example Scripting Languages Bash JavaScript PowerShell Python Ruby Example Compiled Languages
Hands-On Learning Exercism
Learn, practice and get world-class mentoring in over 50 languages. 100% free.
Language-Specific Training Bash Shell Scripting Tutorial
This tutorial is written to help people understand some of the basics of shell script programming (aka shell scripting), and hopefully to introduce some of the possibilities of simple but powerful programming available under the Bourne shell. As such, it has been written as a basis for one-on-one or…
Learn Shell - Free Interactive Shell Tutorial
learnshell.org is a free interactive Shell tutorial for people who want to learn Shell, fast.
PowerShell PowerShell as Your First Programming Language
In this post, I discuss why PowerShell makes a great first programming language
Automate administrative tasks by using PowerShell - Training
PowerShell provides a large set of commands with which you can automate your tasks, like user management, CI/CD, managing cloud resources and much more. There’s also testing capabilities via Pester and third-party modules you can install on your system, to extend your list of commands.
Learn PowerShell interactively through a series of challenges
Python Free Intro to Python Course | Free Courses | Udacity
Take Udacity’s free Intro to Python course, designed for beginners, and get an introduction to programming and the Python language. Learn online with Udacity.
VIDEO Learn Python - Free Interactive Python Tutorial
learnpython.org is a free interactive Python tutorial for people who want to learn Python, fast.
L337 Coding Challenges Codewars - Achieve mastery through coding practice and developer mentorship
A coding practice website for all programming levels – Join a community of over 3 million developers and improve your coding skills in over 55 programming languages!
HackerRank - Online Coding Tests and Technical Interviews
HackerRank is the market-leading technical assessment and remote interview solution for hiring developers. Start hiring at the pace of innovation!
Cybersecurity Resources Red Offense Cheat Sheets HackTricks - HackTricks
Welcome to the page where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.
Introduction - The Hacker Recipes
GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. - GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common ...
GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and ...
Reverse Shell Cheat Sheet | pentestmonkey
pentestmonkey
Offense Collections Infosec_Reference | An Information Security Reference That Doesn’t Suck!
Free resource for anyone interested in learning more about Information Security.
Massive collection of various infosec references GitHub - yeyintminthuhtut/Awesome-Red-Teaming: List of Awesome Red Teaming Resources
List of Awesome Red Teaming Resources. Contribute to yeyintminthuhtut/Awesome-Red-Teaming development by creating an account on GitHub.
Cybersec Cheat Sheets in all Flavors! (Huge List Inside) by
u/HeyGuyGuyGuy in
cybersecurity
Hacking Training For The Best
From beginners to experts, this is where hackers level up! Join today and learn how to hack.
Limited free plan TryHackMe | Cyber Security Training
An online platform for learning and teaching cyber security, all through your browser.
Limited free plan Proving Grounds: Virtual Pentesting Labs | Offensive Security
Explore the virtual penetration testing training practice labs offered by Offensive Security. Now available for individuals, teams, and organizations.
Limited free plan Vulnerable By Design ~ VulnHub
VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
Host your own vulnerable VMs picoCTF - CMU Cybersecurity Competition
picoCTF is a free computer security education program with original content built on a capture-the-flag framework created by security and privacy experts at Carnegie Mellon University.
247CTF - The game never stops
247CTF is a security learning environment where hackers can test their abilities across a number of different Capture The Flag (CTF) challenge categories including web, cryptography, networking, reversing and exploitation.
Web Security Academy: Free Online Training from PortSwigger
The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.
Hacker101 CTF
The Hacker101 CTF is a game designed to let you learn to hack in a safe, rewarding environment. Hacker101 is a free educational site for hackers, run by HackerOne.
🔗
Pwnable.kr — Variety of interactive security challenges
Blue Defense Frameworks Cybersecurity Framework Components
The Introduction to the Components of the Framework page presents readers with an overview of the main components of the Framework for Im
Cyber Kill Chain®
Developed by Lockheed Martin, the Cyber Kill Chain® framework is part of the Intelligence Driven Defense® model for identification and prevention of cyber intrusions activity. The model identifies what the adversaries must complete in order to achieve their objective.
Defense Cheat Sheets GitHub - chrisjd20/Blue-Team-Cheat-Sheets: Blue Team Cheat Sheats
Blue Team Cheat Sheats. Contribute to chrisjd20/Blue-Team-Cheat-Sheets development by creating an account on GitHub.
Blue Team Tips
What are the best recommendations to a completely vulnerable, easily pwnable network? Where do you start? what tools? what logging? #DFIR #BlueTeamTips
Threat Hunting & Detection techniques
Enabling your Windows logs
Defense Collections Infosec_Reference | An Information Security Reference That Doesn’t Suck!
Free resource for anyone interested in learning more about Information Security.
Massive collection of various infosec references SANS Blue Team Operations
Check out the "Primers", "Tools", "TCP/IP", and "Pocket Guides" menus! GitHub - fabacab/awesome-cybersecurity-blueteam: 🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams. - GitHub - fabacab/awesome-cybersecurity-blueteam: 🛡️ A curated collection of awe...
GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other resources
A collection of awesome security hardening guides, tools and other resources - GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other reso...
GitHub - SoulSec/resource-threat-hunting: Repository resource for threat hunter
Repository resource for threat hunter. Contribute to SoulSec/resource-threat-hunting development by creating an account on GitHub.
GitHub - hslatman/awesome-threat-intelligence: A curated list of Awesome Threat Intelligence resources
A curated list of Awesome Threat Intelligence resources - GitHub - hslatman/awesome-threat-intelligence: A curated list of Awesome Threat Intelligence resources
Free Resources - Blue Team Blog
Large list of free cybersecurity resources regurarly updated
Cybersec Cheat Sheets in all Flavors! (Huge List Inside) by
u/HeyGuyGuyGuy in
cybersecurity
CyberDefenders - Blue Team Training Platform
Blue team training platform for SOC analysts, threat hunters, DFIR, and security blue teams to advance CyberDefense skills.
LetsDefend - Blue Team Training Platform
Online soc analyst and incident response training platform for blue team members
Limited free plan Blue Team Labs Online
A gamified platform for cyber defenders to test and showcase their skills
Limited free plan Binary Analysis Practice