How to Learn Cyber Security (Free & Paid Options)
Why Should I learn Cyber Security 🤔
Personal Reasons
I’d find it very rare or almost impossible to find someone who does not have experience with a cyber attack themselves personally. Data Breaches, Unauthorized Logins, Phishing Texts, Unsolicited Calls, and threatening emails, I’m sure we’ve all experienced at least one or two of those. Wouldn’t it be cool to find out the motives, techniques and tools that threat actors are using to exploit us. Knowing this information, we could identify when a cyber criminal is trying to extort us and protect again this in the future. We can also understand the magnitude they can do with our data and protection we can put in place in the future to prevent against future attacks.
Career Reasons
Cyber Security is one of the fasted growing industries in the technology sector. The Demand is high and companies are legally required to have teams in place to prevent cyber attacks. Regulations such as GDPR require companies to always be alert with storing customer data, and companies collaborating with government entities are required to protect intellectual property and abide by export controls. The career progress is great from start to finish and the pay is very generous.
Just for Fun!
Maybe you’re a fun of Mr Robot like me, or you find cyber security interesting. Learning about cyber security, especially penetration testing is very entertaining and gives a very rewarding feeling! It’s also a cool skill to tell your friends.
My Favorite Ways to Lean Cyber Security
Getting-Hands On!
OWASP WebGoat (Beginner Friendly)
https://owasp.org/www-project-webgoat/
Price: Free – Hosted on your own system.
WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.
WebGoat is absolutely great for learning. There is no prior knowledge needed to learn webgoat and it will introduce you to the most common cyber security exploits and even let you try them yourself as if you were the attacker.

HackTheBox (Intermediate friendly)
https://www.hackthebox.com/
Price: Free for limited access, £10pm for full access – Hosted on company server.
HackTheBox is an online website which let’s you practice your penetration testing (Capture the flag). They give you access to vulnerable virtual machines in varying difficultly and then you must figure out how to hack the website and retrieve some text (also known as a flag).
TryHackMe (Beginner Friendly)
https://tryhackme.com/
Price: Free for limited access, £6pm for full access – Hosted on company server.
TryHackMe is similar to hack the box and gives you Capture the flag, vulnerable boxes to try hack into. However, instead of giving you a vulnerable box and letting you get-on with it, the website tries to educate the user and teach them how to hack the box instead of the user figuring it out for themselves.