June 30, 2026
I Asked My Mentor to Show Me Real Hacking.
A warm hello from my side, I am Lakshya, here I am going to put forward my view from a complete beginner’s perspective on cybersecurity…

By Lakshya Choradia [jain]
4 min read
I Asked My Mentor to Show Me Real Hacking. He Just Closed the Laptop. — From the Eyes of a Beginner on Cybersecurity, Ethical Hacking & Bug Bounty
A warm hello from my side, I am Lakshya, here I am going to put forward my view from a complete beginner's perspective on cybersecurity, ethical hacking, and bug bounty.
CHAPTER -1 THE AUDACITY
A brief intro about me: I was not a tech kid, nor did I have any plan to become a cybersecurity professional, but things went in a way that I felt more curious about it [yeah, that hacker vibe 😜 too, won't lie], and I found it promising for my career growth and aligning with my future plans.
So, as a 17-year-old, I started watching videos on YouTube [yeah, those Instagram hacking videos 🤣 too], people were using the Kali terminal, multiple lines of code scrolling by, perfectly aligning with what I was looking for. But TBH, I learnt nothing great. Finding out that people earn thousands of dollars in bug bounty fascinated me even more, and just to flex in front of my friends I memorized some tool names. But this took a turn for the better.
CHAPTER-2 THE ENLIGHTENMENT So, I had a meeting with a senior cybersecurity professional, who is a point of inspiration and a mentor in my ongoing journey. As a complete noob, I had already installed VirtualBox and Kali Linux on my laptop and went to him just to see real hacking [yeah, that YouTube one]. He just put the laptop aside. I could not understand the reason that day, but then he explained the learning process, which I followed.
The helpful part for you [like, where to start?]
So I started learning with:
- What is an IP address, how the whole internet works, what rules it follows, different classes, etc.
- Then about DHCP and DNS, how to configure them, their usage, the three-way handshake, how devices communicate
- Then about Windows Server, how websites are hosted, how companies deploy and use them, their maintenance, etc.
- Why cybersecurity professionals are required, the TCP/IP layers, different kinds of protocols
- Then about different types of OS, their USP and use case, why Linux is given prime respect
Some of the labs on TryHackMe (THM) [I had a 100+ day streak there].
Then, on an early winter's night in 2025, I felt enlightened and literally laughed at what I had been doing and thinking months before, my audacity to ask my mentor to show me a "real hack" on Kali Linux 🤦♂️🤣 [like, now I feel it's the highest level of cringe I've ever pulled off].
**CHAPTER-3 THE UNLEASHING OF FEAR — **Dunning-Kruger's Trap
So the best and worst part of human nature happens when you are "enlightened." As a relatable example: before, when I knew less, or just the creamy layer of the cybersecurity field, it felt smooth, no problem, just learn and execute. But things changed completely after I started feeling enlightened. I found my mind in a scorching state, thinking about my next step. Now I had multiple resources, but what to start first? Should I be a bug hunter? Should I be a pentester? Thoughts started emerging.
There are so many, and way better, bug hunters than me. Would I ever find bugs? Would I get pentesting clients? [These thoughts started coming when I knew little about vulnerabilities.] That clarity of the beginner's mind, that "just learn and earn" mindset, was fading in front of my eyes.
The other fear I encountered is the AI part. Seeing the recent advancements in AI, the Claude Mythos news, knowing from my mentor that AI is doing great work in pentesting, and beginner jobs facing potential extinction within a year or two, hearing this as a person recently entering the field feels like a whole lot of a burden and horror.
I won't lie, I am in a state of searching for answers to the questions arising. The concluding answer to these thoughts is still in process; god knows if I get enlightened a second time.
CHAPTER-4 THE BEST AND WORST PART OF CYBERSECURITY The best part of this field is its open-source nature. The people and large organizations here are very helpful and beginner-friendly; you can find tools, perspectives, opinions, procedures, and methodologies completely free throughout the web. With even a little experience, I feel like this field is one of the most welcoming fields for beginners.
Yeah, it has some cons too, like:
- You are a lone wolf here
- Most of the work in this field is WFH
- Biologically, we humans are not made to sit for hours, but here we are, sitting throughout the day. Eye, heart, and obesity problems are real if ignored.
The above conclusions are based on my own perspective; let's see what else I find as I continue my journey in this field.
CHAPTER — 5 CURRENT STATE Currently, I have completed access control, and started on other vulnerabilities too. I think this deserves a separate blog, which I will publish later.
CHAPTER -6 CONCLUSION
So, if you're a newbie reading this and quietly panicking about where to start, or an AI headline, or whether you're "behind" — I see you, because I was you a few months ago [and honestly, still am, some days]. This field doesn't owe you a smooth ride or a clear roadmap, but it does reward the ones who keep showing up cringe phase, enlightenment phase, and the Dunning-Kruger spiral included. If this article made even one person feel a little less alone in that mess, it did its job. Enlightenment round two, I'm coming for you. Together, we'll figure this out 🤝.
Connect with me here👇
https://www.linkedin.com/in/lakshya-choradia-jain-499b79419/