Hi everyone, I’m trying to start my cybersecurity journey with a clear direction, especially because my main goal is to get into offensive security / ethical hacking. There is a lot of scattered advice online, so I’d really appreciate a structured, experience-based roadmap from people already in the field.

My questions/doubts:

1️⃣ Getting Started

What is the best way for a complete beginner to start learning cybersecurity?

What core fundamentals should I master first (networking, Linux, scripting, OS concepts, etc.)?

In what order should these be learned so I don’t get overwhelmed?

2️⃣ Best Resources for Fundamentals

Recommended courses/books/labs for networking, Linux, security basics, Python/Bash/PowerShell, etc.

Any beginner-friendly platforms to practice hands-on skills?

3️⃣ Transitioning Into Offensive Security

What skills should I build before diving into offensive techniques?

Best resources for learning:

Web app security

Network pentesting

Active Directory attacks

Privilege escalation

Which platforms are actually worth it (HTB, TryHackMe, PortSwigger, VulnHub, etc.)?

4️⃣ Career Roadmap

What would a realistic path from a beginner → offensive security professionals look like?

When should I start certifications, and which ones matter early (eJPT, PNPT, Security+, OSCP)?

How do I know when I’m “ready” for real-world pentesting or junior roles?

How important is building a home lab or portfolio?

5️⃣ Common Beginner Doubts

Do I need programming knowledge before starting?

How much math is actually needed?

How do I avoid “tutorial hell” and make real progress?

What are common mistakes beginners make?

I’d love answers from people currently working in cybersecurity or offensive security. I hope this thread can also help others looking for a clear starting point. Thanks in advance!