How to Get Started with Cybersecurity and Ethical Hacking

A simple hands-on guide based on real experience.

RivuDon

InfoSec Write-ups

· ~5 min read · April 19, 2026 (Updated: April 19, 2026) · Free: No

📩 Read for Free CLICK HERE.

Who am I?

Hello, my name is Rivek Raj Tamang (RivuDon), a Security Researcher, Bug Hunter, and an Ethical Hacker with a Master's in Cybersecurity, a Certified Ethical Hacker from Sikkim, India. I have helped secure 100+ companies, received bounties, swags, Hall of Fames mentions, Letter of Appreciation / Recognition, CVEs and more.

Feel free to connect with me on my LinkedIn and say "Hi".

If you don't know where to start in cybersecurity, this guide will save you months of confusion.

Hi readers, this write-up is a guide on How to Get Started with Cybersecurity and Ethical Hacking. I will share my experience, resources, tips and tricks and all essential elements for you to get started.

Let's get started!

Who is this for?

This guide is for anyone who wants to learn cybersecurity and ethical hacking.

As they say:

"There is no age limit to learning."

All you need is curiosity, patience, discipline, and a strong hunger to learn. Nothing can stop you.

Pre-requisites

An open mind to learn
Internet connection
A computer (mobile/tablet/laptop/desktop)
Hunger for knowledge

A background in computer science is helpful but not required. You can learn everything from scratch. All it takes is time and consistency. It doesn't matter if you have a degree or not. You can still learn it!

My Experience and Advice (Optional Read)

My journey with computers started at a very young age. I was lucky to grow up around technology from arcade games and old mobile phones to a broken laptop, and later my first real personal computer.

I was an active kid who loved sports, but whenever I was alone, I spent time exploring the digital world. That's where my love for computers started. I started cybersecurity during my diploma, but I already knew the basics of computers. The internet became my best friend. I learned everything by searching from simple things like cooking to finding real vulnerabilities. It's a never-ending journey.

My background is in computer science, but to be honest, around 95% of what I know in cybersecurity came from the internet and most of it was free.

My journey may not be the same as yours, but you can still learn from it. There is no single roadmap everyone finds their own path. The only thing I want you to take from this guide is to become consistent and disciplined.

Even on days I didn't feel like it, I still learned something. That habit made the difference.

The Guide

1. Start with Computer Fundamentals and Networking

Before learning cybersecurity, you need to understand the basics. These are the foundation.

What to learn:

Operating Systems (Windows/Linux)
Basic software and applications
Basic web development (HTML, CSS, JavaScript)

Just learn the basics, you don't need to become a developer.

Start Here:

Computer Basics

https://youtube.com/playlist?list=PL4316FC411AD077AA&si=48hgDiv5weE_SGjL

Linux Basics

Commands: 60 essential Linux commands every user should know

https://www.youtube.com/watch?v=eQbIxEw3AI0 https://www.geeksforgeeks.org/linux-unix/introduction-to-linux-operating-system/

Basic Web Development

HTML: https://www.w3schools.com/html/

JavaScript: https://www.w3schools.com/js

CSS: https://www.w3schools.com/css/

Important Concepts:

What happens when you type a URL
HTTP (Requests, Responses and Methods)
Networking Basics (IP, Ports, DNS)

Even if you know these topics, revise them. Strong basics make everything easier.

2. Programming and Scripting (Optional but Useful)

Learning programming is not required, but it gives you an advantage.

Focus on understanding the code, reading code and writing simple scripts.

Bash Scripting

https://www.w3schools.com/bash/index.php

Programming Language (Python/C++/Java)

https://www.w3schools.com/python/

3. Networking

Networking is key in cybersecurity. You need to understand how data flows.

This helps you intercept traffic, analyze requests, find vulnerabilities and much more.

Focus on:

TCP/IP Model https://www.geeksforgeeks.org/computer-networks/tcp-ip-model/
OSI Model https://www.geeksforgeeks.org/layers-of-osi-model/
Ports & Protocols https://www.geeksforgeeks.org/common-ports-used-in-computer-network/
DNS Explained https://www.cloudflare.com/learning/dns/what-is-dns/

Networking Course from CISCO:

https://www.netacad.com/courses/networking-basics?courseLang=en-US

4. Cybersecurity

Once your basics are clear, you can start learning cybersecurity.

Understand the basics:

CIA Triad (Confidentiality, Integrity and Availability)

What is the CIA Triad and Why is it important? | Fortinet

Offensive vs Defensive (Red Team vs Blue Team)

Red Team VS Blue Team: What's the Difference? | CrowdStrike

Cybersecurity Course by CISCO: https://www.netacad.com/courses/cybersecurity-essentials?courseLang=en-US

Red Team (Offensive Security) / Ethical Hacking

Focuses on attacking systems ethically.

What is Penetration Testing/Ethical Hacking? Introduction to Ethical Hacking — GeeksforGeeks What is Penetration Testing? | IBM
OWASP Top 10 https://owasp.org/www-project-top-ten/

P.S. You should spend a lot of time in Tryhackme and even if you plan to get the premium it's not a waste because there are tons of resources theory and practical hands on that you can learn from and become habitual with the way and life of a pentester/ethical hacker.

TryHackMe | Cyber Security Training

Course by CISCO: Ethical Hacker

Blue Team (Defensive Security)

Focuses on detection, monitoring, and defense.

What is Blue Team What is Blue Team? | IBM
SIEM Basics SIEM: Security Information & Event Management Explained | Splunk
Incident Response Lifecycle Incident Response Steps & Phases: NIST Framework Explained

Purple Team (Offensive + Defensive)

Combination of Red + Blue.

Purple Team Explained The Purple Team: Combining Red & Blue Teaming for Cybersecurity | Splunk

5. Practical Labs/CTFs

This is where real learning happens.

TryHackMe (Beginner Friendly) https://tryhackme.com/
Portswigger Labs (Beginner Friendly) https://portswigger.net/web-security/all-labs
Hack The Box (Intermediate) https://www.hackthebox.com/
Pentesterlabs (Beginner Friendly) Advanced Web Hacking and Security Code Review Training | PentesterLab
Vulnhub (Vulnerable Machines) https://www.vulnhub.com/
PICO CTF (Capture the Flag) https://www.picoctf.org/

6. Courses/Certification Suggestion (Optional)

TCM Security — Academy — TCM Security (Free and Paid)
Practical Ethical Hacking by TCM Security Practical Ethical Hacking — TCM Security (Paid)

Tips and Tricks

Make detailed notes for your journey (Use any note taking applications like Notion, Obsidian etc.)
Track your time and progress for optimized and efficient learning
Join groups, communities, follow cybersecurity professionals, watch videos and read recourses and writeups.
Set goals and achievements for your journey
Feed your hunger for knowledge, but never stop learning be curious, trust the process and enjoy it.

"It's not the destination, It's the journey." — Ralph Waldo Emerson

P.S. I will keep updating this guide so feel free to save it for future and follow me for updates on it. Hack the World! ✨

The End

If you find this article helpful, please do follow, give claps and leave a comment, to read more from me and encourage me to write more. ♥️

🎯Read my other Bug Bounty Writeups here ⬇️

List: Rivek's Blog List | Curated by RivuDon | Medium

Rivek's Blog List · 29 stories on Medium

medium.com

Feel Free to connect with me on LinkedIn: (P.S. Do drop a message when sending a connection request.) https://www.linkedin.com/in/rivektamang/

🌐We also have a community of hackers and bug bounty hunters on a WhatsApp group feel free to join:

Hack-R Academy

Group Invite for WhatsApp

whatsapp.com

Thank you ❤

#infosec #cybersecurity #ethical-hacking #bug-bounty #information-security

< Go to the original