When I started to work with infosec I tried a lot of different ways to learn new stuff. I took some courses, read books, watched videos, etc.
But to learn new things, with some help on the way I found out that playing CTFs is a great way. These websites make hacking into a game, by giving you systems to play with, and your job is to get the token(s).
It may be a website you have to get access to, a windows server with vulnerable samba, or maybe a router with a default username/password combination. Some of the sites often have walkthroughs you can look at if you are stuck, and they are great for learning. But remember, DO EVERYTHING yourself as well, that’s the way you learn. Another important thing to remember is that these techniques should only be used on testing like this, using it in the wild may be illegal.
Well enough chatting about, here is my list of some great CTF sites.
- hackthebox The one I pay for atm, mostely because of great labs, and the Parrot OS you get access trough your webbrowser(a great way to make your self safe)
- tryhackme Have some great intro tutorials.
- picoctf For people from the age of 13 and up. But dont get fooled, some of them are real hard. Free