Recommended Learning Path for Beginners
Nobody is born with knowledge of any of this material. If you encounter someone very skilled, know that they've likely been practicing for a long time. It didn't come to them overnight, I can promise you.
It may seem like there's a mountain of materials to learn. There are no shortcuts, so try to enjoy the climb. As long as you keep learning a little bit at a time, you will learn enough that more things will start making sense. The investment of your time will be worth it.
Please also note, you do not need to be an expert in all of these domains. The idea is to build confidence with a broad understanding of these topics.
If English is not your native language, you might consider slowing the video speed and enabling subtitles (if available), as some of the speakers may talk a bit quickly.
Systems Administration
- Highly Recommended Viewing
- A series of brief videos that will introduce you to the technical metamorphosis of computers and their various parts. Very good stuff!
- Introduction to Operating Systems (13:35)
- Introduction to Memory and Storage (12:16)
- Introduction to Files and File Systems (12:02)
- Introduction to Command Line Interfaces (11:23)
- Introduction to Graphical User Interfaces (GUI) (12:58)
- Codecademy: Intro to IT -- Learn Interactively
- Windows and Linux Admininstration Crash Course by Google
- Operating Systems and Command Line Interfaces (Playlist)
- Server Administration (Playlist)
- Building Virtual Machines with VirtualBox (15:34)
(enable virtualization in your BIOS settings)
Optional: Professor Messer's A+ Videos (click to expand)
- Professor Messer's A+ Training Course Part 1
- Professor Messer's A+ Training Course Part 2
- Note: This is not a recommendation to get the certification unless needed for a job! You can just watch the videos.
- I linked the Professor Messer A+ content, because it will introduce you to:
- Hardware concepts
- Operating systems concepts
- Troubleshooting methodology (which is useful to build analytical skills)
Computer Networking
- Computer Networking: Crash Course (12:19)
- The Internet: Crash Course (11:57)
- Complete Computer Networking Course by Google (Playlist)
- Hands-On Practice: Building a Network in GNS3
- I'd recommend doing the lab in this order as some of the concepts may be difficult for complete beginners
- Steps 1, 2, 3
- Then, steps 6, 7, 8, 9
- If you're feeling ambitious, you could do the entire lab, but there are some concepts that may be best saved for later
- I'd recommend doing the lab in this order as some of the concepts may be difficult for complete beginners
Optional: Professor Messer's Network+ Training Videos (click to expand)
- Professor Messer's Network+ Training Videos
- The Complete Computer Networking Course above should cover almost everything you need to know.
- You could additionally watch Professor Messer's course here
- This is not a recommendation to get the certification unless needed for a job!
Web
- The World Wide Web: Crash Course (11:36)
- How DNS Works (6:04)
- HTTP and HTML: Internet 101 (7:06)
- TryHackMe: Web Fundamentals (Lab)
Programming
- Learn Programming Fundamentals Interactively
- PowerShell as Your First Programming Language
- Intro to Python
- Programming 101: How Programming Controls Hardware, Networking, and More
Systems Administration Resources
Core Systems Concepts
- Storage
- CPU
- Memory
- Boot procedure
- System internals
- Core directories
- Filesystem hierarchy
- Windows Registry
- Event and audit logs
Terminals
- Linux
- Bash
- Zsh
- PowerShell
- Windows
- PowerShell
- cmd.exe (legacy)
Common Command Line Operations
- Create, delete, modify files and directories
ls
,mkdir
,cd
,touch
,nano
,cp
,mv
,rm
,vim
,Get-ChildItem
,New-Item
,Copy-Item
,Move-Item
,Rename-Item
,Remove-Item
- Manipulating file contents and text streams
grep
,cat
,sed
,awk
,tr
,cut
,paste
- PowerShell:
-split
,-replace
,-join
- Managing processes and services
ps
,kill
,systemctl
,service
,strace
,Get-Process
,Stop-Process
,Get-Service
,Stop-Service
,Restart-Service
- Installing and Uninstalling Packages
apt
,yum
,pkg
,pacman
,zypper
,winget
,Install-Package
,Uninstall-Package
- Downloading files and interacting with the web
wget
,curl
,Invoke-WebRequest
,Invoke-RestMethod
,[System.Net.WebClient]::DownloadFile()
Additional Resources
- TLDR - Unix/Linux Commands Explained
- Resolve Commands and Parameters to Explanations
- PowerShell Commands Explained
- PowerShell Commands and Syntax Index
- SysAdminToolbox
- Linux Sys Admin Cheat Sheet
- Check Your Cron Job Schedules
Free Systems Training
- Introduction to Operating Systems
- Introduction to Memory and Storage
- Introduction to Files and File Systems
- Introduction to Command Line Interfaces
- Introduction to Graphical User Interfaces (GUI)
- Windows and Linux Admininstration Crash Course by Google
- Getting Started with Virtual Machines and VirtualBox -- Enable Virtualization in your BIOS settings! If unsure how to do this, a Google search on how to do this on your computer model should get you the information you need.
- Professor Messer's Core 1 A+ Training Videos
- Professor Messer's Core 2 A+ Training Videos
- Linux Essentials
- Linux Journey
- Linux Server Management and Security (University of Colorado - Coursera)
- OverTheWire - Learn Linux and Security through Challenges
- Linux SysAdmin Quizzes
- Windows Server deployment, configuration, and administration
- Open Source SysAdmin Tools
- Security Hardening Collection
- Converting a Laptop into a Bare Metal Server
- Building a Security Lab in VirtualBox
Networking Resources
Core Networking Concepts
- IP addressing
- Subnetting
- Routing (ping, layer 3)
- Switching (ARP, layer 2)
- Firewalls
- TCP/UDP protocols & ports
- VLANs
- Tunnels
- Proxies
- DNS
- OSI model
- TCP/IP model
- Computer Networking Flowchart
Networking Tools
ip
(ifconfig
is deprecated)ip address
,ip neighbor
,ip link
Get-NetAdapter
Get-NetIPConfig
oripconfig
Get-NetIPAddress
Get-NetNeighbor
ping
arp-scan
nmap
- Wireshark and
tshark
tcpdump
netcat
ornc
socat
nslookup
ordig
/etc/resolv.conf
Resolve-DnsName
Get-DnsClientServerAddress
Get-DnsClientCache
- DNS Dumpster
- MXToolbox
netstat
orss
- OpenVPN
- Wireguard
ssh
scp
- plink.exe
netsh
iptables
pf
proxychains
- Burp (or ZAP)
Free Networking Training
- Computer Networks: Crash Course (Part 1)
- Computer Networks: Crash Course (Part 2)
- Complete Computer Networking Course by Google
- Computer Networking: A Top-Down Approach (Online Lessons)
- Highly recommended!
- Don't forget to check out the links under the "Resources (for everyone)" tab
- Hand-On Practice with GNS3
- Computer Networking for Web Developers (Explore the Protocols of the Internet)
- Computer Networking - Advanced Concepts
- Professor Messer’s Network+ Videos
- Getting Started in Networking
- IP Subnet Calculator
- Magic Number Subnetting
- What is the OSI Model?
- How DNS Works
- SNAT, DNAT, PAT & Port Forwarding
- Comparing Forward and Reverse Proxy Servers
- TCP and UDP Port Reference
- Wireshark Tutorial
- How SSH Works
- How Tor (Onion Routing) Works
- TLS Handshake Explained
- Networking Resources
- More Networking Tools
- Protocol Encapsulation Examples
Web Resources
Core Web Concepts
- HTTP methods and headers
- Web servers
- Proxies
- Directories and files
- HTML
- CSS
- JavaScript
- Databases
- Inputs and parameters
Web Tools
- Browser developer tools (F12 key)
curl
wget
Invoke-WebRequest
Invoke-RestMethod
gobuster
feroxbuster
ffuf
- Burp
- ZAP
- Wappalyzer
Free Web Training
- The World Wide Web: Crash Course
- HTTP and HTML | Internet 101
- List of HTTP Request Methods
- List of HTTP Headers
- Learn HTML
- Learn CSS
- Learn JavaScript
- Learn SQL
- Learn Node.js
- Free training from the creators of Burp Suite
- The Web in Depth
- Google Dorks
- Google Hacking Database
- Nginx Admins Handbook
Programming Resources
Core Programming Concepts
- REPL
- Read
- An interpreter reads your input
- Evaluate
- An interpreter executes (evaluates) your instructions
- Print
- An interpreter prints any output or errors
- Loop
- An interpreter loops back to repeat the process
- Languages with a REPL
- Python
- PowerShell
- JavaScript (Node.js)
- I highly recommend learning to code first with a REPL as you can run and change your code on the fly without waiting for a compiler or debugger
- Read
- Object-oriented programming (OOP)
- Data types
- Variables
- Flow logic (if/else)
- Loops
- Functions
- Source code review
- Modifying exploits
Example Scripting Languages
- Bash
- JavaScript
- PowerShell
- Python
- Ruby
Example Compiled Languages
- C
- C++
- C#
- Java
Free Programming Training
- Learn How to Code
- Programming 101: How Programming Controls Hardware, Networking, and More
- Bash Scripting Tutorial
- Learn Shell Scripting for Free
- PowerShell as Your First Programming Language
- UnderTheWire - Learn PowerShell trough Interactive Challenges
- PowerShell Scripting and Automation
- Intro to Python
- Learn Python - Full Course for Beginners
- learnpython.org
- Learn to Program in 50+ Languages -- for Free!
- Codewars Coding Challenges
- HackerRank Coding Challenges
- Comparing Compiled and Interpreted Languages
Cybersecurity Resources
Red
Offense Cheat Sheets
- PayloadsAllTheThings
- Active Directory Cheat Sheet
- HackTricks
- TheHackerRecipes
- GTFOBins
- LOLBAS
- WADComs
- Hacking Tools Cheat Sheet
- Reverse Shell Cheat Sheet
- Metasploit Payloads List
- List of TTY Generators
Offense Collections
Offense Training Platforms
- HackTheBox (Limited Free Plan)
- TryHackMe (Limited Free Plan)
- Vulnhub (host your own Vulnerable VMs)
- Pwnable.kr
- PortSwigger Web Security Academy
- Hacker101 CTFs
- Unescape Room (XSS Practice)
Blue
Defense Frameworks
Defense Cheat Sheets
Defense Collections
- Infosec Reference
- Cybersec Cheat Sheets in All Flavors
- SysAdminToolbox
- SANS Blue Team Tools Wiki
- I strongly recommend browsing the menus at the top.
- Primers/Reference
- Tools
- TCP/IP
- Pocket Guides
- I strongly recommend browsing the menus at the top.
- Awesome Cybersecurity Blue Team
- Awesome Threat Intelligence
- Awesome Threat Detection and Hunting
- General Threat Hunting Techniques
- Threat Hunting Resources
- Blue Team Blog