I have come a long way in cybersecurity. Here’s why I'm eligible for writing this, I have faced every problem, had sleepless nights, and lots of head-bashing. So let me save you a few years of pain and an eternity of suffering.
I’ll tell you exactly what problems exist and how to mitigate/solve them.
Free-Course Epidemic:
Nowadays, teaching has become more than actual work in cybersecurity. This gives rise to poor-quality free courses by another top YouTuber who speaks well or perhaps has enough time to spend as they not doing actual projects. Understand that free courses are free for a reason. Free webinars are traps to pitch a new course. Stay away from these free courses. There is a difference between community-backed content and free courses by XYZ YouTubers.
You get a good free course, now what? You watch something but you know that nothing is waiting on the other side, so you slack off. You rather binge youtube. This is simply human tendency and it's not your fault.
Solution:
Invest minimum into reputed paid courses backed by actual people who know their shit.
Understand that there exists, a fallacy of credibility, one might be super good in networking but should you learn AD pentesting from him? Perhaps no
Have a clear plan before taking the course, distribute your time and take notes.
Read more!
All these hackers you see scoring good bounties and popping shells read a lot. Yes, good hackers read because it's easier to absorb information like that. I cannot recite 100 lines of python code to you, you need to read it, read the documentation. Read other blogs including mine;) and that's how you grow. The people who are afraid to read will be limited to certain areas and they lack understanding. Stay away from these low fruit grabbers who lack the importance of reading. Reading is like taking a bucket to a lake, if you take bucket by bucket, the lake eventually will get empty. Its better to try reading. Here's a task. Start by reading non-cyber security stuff first, develop a habit of reading from actual books and not just screen. If you have already done this, I will guarantee your success.
Solution:
Become comfortable by reading, start with nontech books.
READ>TAKE NOTES>READ NOTES>REPEAT — Mahatma Gandhi
Stick with basics:
Basics are like using a knife, if you do not learn to use it properly in the beginning then you’ll hurt yourself and regret it later when it's too late. Take that extra hour to clear up bash scripting, those boring networking concepts, and that dumb Linux commands. I always found more bugs cause I mastered linux, Pro tip: Master Grep, sed, awk, and regex. It’ll help you out and you’ll thank me later. Basics help you to build a foundation, remember, that you’ll always build on top of it so make sure it's strong.
Solution: Take extra time to complete all exercises related to basic stuff and don’t even look at advanced stuff before completion.
Don’t talk to idiots/Find a mentor:
I learned most stuff alone, from using a phone termux to setting up a lab, I did it without a mentor, but now that I have the opportunity to actually get a mentor, I suggest everyone to do it. They have walked in your shoes and they’ll help you out. Ask people, infosec is a tight community so most people are super helpful. Join groups and stalk these people who are contributing to the community and not in for the money. Another thing is that do not talk to idiots, they’ll waste your time and you’ll spend lots of time learning useless stuff so just ask for help from genuine good-willed people.
Solution: Dm and email people you admire and you’ll be shocked. Be kind, don’t bootlick, and ask relevant questions.
Prepare for a journey:
Things don’t have to make sense now, maybe you’re a beginner or an intermediate. Things are difficult and it will not get easier. The thing that will separate you from the other is not your intelligence or your talent but your perseverance. If you stay put, consistently work closer and closer taking small steps and not leaps. You’ll reach there. There though does not exist but the journey is beautiful and after some time you’ll fall in love with the process and once you fall in love with this, there is no looking back:)
Solution: Focus on the process and not the goals, goals will be resolved but the process will remain.
I am the master of my fate.
I am the captain of my soul-Invictus(William Ernest Henley)
