Starting your journey in ethical hacking can be daunting, but with the right resources and a structured approach, you can build a strong foundation. Redditors have shared a wealth of advice on the best platforms, courses, and methodologies to help you get started for free or at a low cost.

Foundational Skills

Before diving into ethical hacking, it's crucial to build a strong foundation in core IT areas:

• Networking: Learn the basics of networking. "Learn networking first, read/watch Network+ or CCNA material."

• Linux: Become proficient in Linux, as it's a primary OS for many hacking tools. "learn linux, properly, and networking, that base will give you the skills to move towards your goal"

• Programming: While not strictly necessary for all aspects, programming skills can significantly enhance your capabilities. "I would recommend a Python or JavaScript course, of which there are a ton online."

Interactive Learning Platforms

These platforms offer hands-on labs and structured learning paths:

• TryHackMe: Highly recommended for beginners due to its structured learning paths and interactive labs. "Start at TryHackMe and progress from there bro. THM has labs, walkthrough rooms and much more"

• Hack The Box: Great for more advanced practice and real-world simulations. "Hack the box, all day erry day"

• PortSwigger Web Security Academy: Excellent for web hacking and bug bounty. "Portswigger Academy / htb / rootme / crackmes.one / ctftime etc... (:"

Certifications and Structured Courses

Consider these for a more formal learning path and potential career advancement:

• CompTIA Trifecta: Includes A+, Network+, and Security+, providing a comprehensive IT foundation. "If you’re serious, start with the CompTIA Trifecta (A+, Network+ and Security+)."

• Cisco Net Academy: Offers free courses in cybersecurity and networking. "Cisco has a free EH course online"

• Redfox Academy: Provides free and low-cost bootcamps and structured courses. "We started an academy called Redfox Academy."

Books and Guides

For in-depth understanding and reference:

• OWASP Top 10 + Testing Guide: Essential for web application security. "Good resources: PortSwigger Academy, OWASP Top 10 + Testing Guide..."

• "The basics of hacking and penetration testing" by Patrick Engebretson: Recommended for a clear overview of the pentesting process. "A great and easy-read book i recommend is 'The basics of hacking and penetration testing' by Patrick Engebretson."

Methodologies and Practice

Learn the systematic approach to ethical hacking and practice regularly:

• Recon, Mapping, Testing, PoC, Reporting: Follow a structured methodology for penetration testing. "Repeatable workflow: recon -> map -> test -> PoC -> report."

• CTFs (Capture The Flag): Participate in CTFs to apply your skills in a competitive environment. "Portswigger Academy / htb / rootme / crackmes.one / ctftime etc... (:"

General Advice

• Consistency and Curiosity: Stay curious and consistent in your learning. "The longer you procrastinate with thinking about this, the later you actually start"

• Avoid Mentors (Initially): Utilize the vast free resources available before considering paid mentorship. "Whatever you do brother please do not hire a mentor. The internet already has so many amazing resources for you to utilize."

• Community Engagement: Join study groups and forums to learn from others. "I’d love to be your study partner as well."

Subreddits for Further Learning

• r/Hacking_Tutorials

• r/tryhackme

• r/HowToHack

• r/cybersecurity