The following is a guest post from a good friend of mine, Magicbear, talking about a security learning platform we both enjoy using.
One of my favorite online security learning platforms is TryHackMe.com, which offers guided rooms that combine descriptions of the theory you need to know with tasks so you can practice actually doing security-relevant tasks around a wide range of topics. A thing I love about TryHackMe is that it starts at a much more basic level than some other sites, so it’s a good place to recommend beginners with an interest in networking or cybersecurity start their journey. This week, though, they launched a new, even more basic pathway, which they’re calling the Pre Security Pathway.
This pathway is meant to introduce beginners to basic concepts needed to build cybersecurity skills regardless of your intended career direction. It includes 5 sections of several “rooms” (their term for lessons) each to help you with an introduction to the field, network fundamentals, how the web works, and basics of the Windows and Linux operating systems. Unfortunately, the rooms about the OSI model, packets and frames, extending your network, how websites work, and how pieces of the web work together are behind a paywall, so you would need to purchase a $10/month subscription to finish the path. The other 10 rooms are available to free users, though. After completing all ten free rooms, I would definitely recommend this path to anybody with an interest in cybersecurity or just how information moves on the internet.
Built-in tools meant for learners give you an opportunity to practice your new skills even as you move towards interacting with the platform in the way a more experienced security professional would. For example, the “Identifying Devices on a Network” task of the “What is Networking” room gives you the following interactive tool to practice a basic form of MAC address spoofing:
These interactive tools help contextualize the information in a way that reading a book or article about MAC spoofing wouldn’t, and are also much easier to use than the tools professional penetration testers would use to spoof a MAC address in an engagement, because you really don’t need the professional penetration tester’s level of tool proficiency to learn something useful about how a mac address works.
In addition to all the great educational content, TryHackMe are offering tickets to win prizes ranging from stickers to vouchers for certification exams or premium access if you complete rooms in this pathway before July 15 (or write a review blog by July 13). If you don’t have a TryHackMe account yet, you and your referrer can get a bonus ticket for signing up with a referral link (like mine!). Happy Hacking!