From Noob to Pro: How I Learned Cybersecurity in 3 Months
From Noob to Pro: How I Learned Cybersecurity in 3 Months
Cybersecurity always fascinated me—the idea of ethical hacking, digital forensics, and stopping cyber threats sounded thrilling. But I had zero experience and no idea where to start. Could I go from noob to pro in just three months? I decided to find out.
Here’s my journey from a complete beginner to understanding cybersecurity, ethical hacking, and even running security tests—all within 90 days.
If you’re starting from scratch and want to become a cybersecurity pro, this guide will save you months of confusion and give you a clear roadmap.
---
Month 1: Building the Cybersecurity Foundation
At first, cybersecurity felt overwhelming—so many tools, threats, and concepts to learn. I needed a structured approach, so I focused on learning the basics first.
Step 1: Understanding the Basics of Cybersecurity
I started by learning about:
✔️ How hackers think and attack systems
✔️ What are malware, phishing, ransomware, and trojans
✔️ What is network security, firewalls, and VPNs
✔️ How websites and operating systems can be hacked
Resources I Used:
π Courses:
"Introduction to Cybersecurity" (Cisco Networking Academy)
"Cybersecurity Essentials" (Coursera by IBM)
π₯ YouTube Channels:
NetworkChuck
Computerphile
π» Hands-on Practice:
I used TryHackMe (THM), an amazing cybersecurity platform, and completed the "Pre Security" path, which teaches basic cybersecurity concepts through interactive labs.
Biggest Lesson from Month 1: Cybersecurity is not just about hacking—it's about defending systems and understanding how attacks work.
---
Month 2: Getting Hands-on with Ethical Hacking
After learning the basics, I wanted to think like a hacker and start attacking systems (legally, of course!).
Step 1: Learning Linux & Command Line
Hackers and cybersecurity pros live in the terminal—so I needed to get comfortable with Linux. I installed Kali Linux (a hacking-focused OS) and learned:
✔️ Basic Linux commands (cd, ls, grep, chmod, etc.)
✔️ How to navigate Kali Linux
✔️ How to use Netcat, Nmap, and Wireshark
π Resources I Used:
TryHackMe’s Linux Fundamentals room
YouTube tutorials on Kali Linux basics
Step 2: Learning Network Security & Wireshark
I wanted to see how data flows across the internet and how hackers intercept and manipulate traffic.
What I learned:
✔️ How to analyze network packets using Wireshark
✔️ How MITM (Man-in-the-Middle) attacks work
✔️ How DNS spoofing is used to redirect users to fake websites
π Resources I Used:
Wireshark University (free online guides)
TryHackMe’s "Networking Fundamentals"
Step 3: Web Hacking & SQL Injection
Websites are common attack targets. I learned how hackers exploit vulnerabilities in websites using:
✔️ SQL Injection (SQLi) – Trick a website into giving unauthorized access
✔️ Cross-Site Scripting (XSS) – Inject malicious JavaScript
✔️ Broken Authentication – Bypassing login pages
π Resources I Used:
PortSwigger’s Web Security Academy (FREE!)
TryHackMe’s OWASP Top 10 challenges
---
Month 3: Real-World Penetration Testing & Bug Bounties
At this point, I had a strong cybersecurity foundation—now it was time to test real systems and think like a penetration tester (ethical hacker).
Step 1: Learning Penetration Testing Tools
I explored powerful hacking tools like:
✔️ Nmap – Network scanning & vulnerability discovery
✔️ Metasploit – Exploiting security flaws
✔️ Burp Suite – Hacking websites & APIs
π Resources I Used:
"The Web Application Hacker's Handbook" (a classic book)
TryHackMe’s "Offensive Security" path
Step 2: Trying CTF Challenges (Capture The Flag)
CTFs are real-world hacking challenges where you have to break into systems and find hidden “flags” (clues).
I started with beginner-friendly platforms:
✔️ TryHackMe CTFs
✔️ Hack The Box (HTB) – For more advanced hacking
✔️ PicoCTF – A great beginner CTF site
Step 3: Bug Bounty Hunting
I tried bug bounty programs—where companies pay hackers to find vulnerabilities. While I didn’t find anything major, I learned a lot about:
✔️ Real-world hacking techniques
✔️ How companies protect their systems
✔️ How to legally test for security flaws
π Resources I Used:
HackerOne & Bugcrowd (bug bounty platforms)
"Bug Bounty Bootcamp" (book)
---
The Results: Am I a Cybersecurity Pro Now?
After 3 months, I wasn’t an elite hacker, but I understood cybersecurity deeply and could:
✅ Analyze network traffic for suspicious activity
✅ Identify and exploit basic security flaws in websites
✅ Use hacking tools like Nmap, Wireshark, Metasploit
✅ Compete in CTF challenges and think like an attacker
Would I Recommend This 3-Month Plan?
✔️ YES – If you want a strong cybersecurity foundation FAST
✔️ YES – If you enjoy hands-on learning and solving challenges
❌ NO – If you just want to “learn hacking” without putting in effort
---
Final Cybersecurity Learning Roadmap (Noob to Pro)
Month 1: Cybersecurity Fundamentals
π Learn how cyber attacks work
π Study network security basics
π Start TryHackMe (Pre Security Path)
Month 2: Hands-on Hacking
π Learn Linux & Kali Linux basics
π Practice Wireshark & Network Security
π Explore Web Hacking (SQL Injection, XSS, etc.)
Month 3: Real-World Hacking
π Learn Penetration Testing tools (Metasploit, Burp Suite, Nmap)
π Solve Capture The Flag (CTF) challenges
π Try Bug Bounty Hunting
---
Final Advice for Cybersecurity Beginners
π Start small & stay consistent – Cybersecurity is a marathon, not a sprint.
π» Hands-on practice is key – The more you hack, the more you learn.
π¨π» Join cybersecurity communities – Twitter, Discord, and forums like Reddit are goldmines.
π Certifications help – Consider CEH, Security+, or OSCP if you want a career.
Would you take on this 3-month cybersecurity challenge? Let me know in the comments! π
Comments
Post a Comment