🦉 Welcome to OwlSec

Your Cyber Security Community.

Whether you're brand new to cybersecurity or levelling up your skills , you've found the right place. OwlSec is home to defenders, attackers, and everyone in between. This guide will get you oriented and on the right path from day one.

🗺️ Choose Your Path

🔵 Blue Team : Defend networks, detect threats, analyse incidents
Good if you like: problem solving, analysis, catching attackers

🔴 Red Team : Ethical hacking, finding vulnerabilities, exploitation
Good if you like: breaking things (legally), creativity, stealth

🟣 Purple Team : Both, bridge the gap between attack and defence
Good if you like: understanding the full picture

💡 Not sure? Start with Pre-Security on TryHackMe. It covers the basics for all paths and will help you figure out what excites you most.

🔵 Blue Team Path —> Defensive Security

Detecting, analysing, and stopping cyber attacks.

Step 1 — The Basics

• THM: Pre Security
• THM: Windows Fundamentals 1
• THM: Windows Fundamentals 2
• THM: Windows Fundamentals 3
• HTB Academy: Linux Fundamentals

Step 2 — Networks & Systems

• HTB Academy: Intro to Networking
• THM: Cyber Defense 101
• Cisco Networking Academy & Packet Tracer —> Build, configure, and test virtual enterprise networks

Step 3 — Detect & Analyse

• THM: SOC Level 1
• CyberDefenders: Network Forensics CTF

Step 4 — Web Threats (Blue Perspective)

• OWASP Top 10 —> Know what attackers target so you can defend against it
• PortSwigger Web Security Academy —> Free, world-class web security training

Step 5 — Active Directory Defence

• THM: Active Directory Basics
• Understanding AD is critical — it's the backbone of most enterprise networks and a prime target

🔴 Red Team Path — Offensive Security

Ethical hacking, finding vulnerabilities, and exploiting systems.

Step 1 — The Basics

• THM: Pre Security
• HTB Academy: Linux Fundamentals
• THM: Windows Fundamentals 1
• THM: Windows Fundamentals 2
• THM: Windows Fundamentals 3

Step 2 — Networks & Infrastructure

• HTB Academy: Intro to Networking
• Cisco Networking Academy & Packet Tracer —> Understand routing, switching, and subnetting by building the infrastructure you'll eventually attack

Step 3 — Get Offensive

• THM: Jr Penetration Tester
• HTB Academy: Getting Started
• VulnHub: Vulnerable Labs

Step 4 — Web Application Hacking

• PortSwigger Web Security Academy —> The free resource for web hacking. SQLi, XSS, SSRF, IDOR, Auth bypasses —> all here
• OWASP Top 10 —> Know the most critical web vulnerabilities by heart

Step 5 — Active Directory Attacks

• THM: Active Directory Basics
• HTB Academy: Active Directory Enumeration & Attacks
• Kerberoasting, Pass-the-Hash, BloodHound —> this is where real-world pentesting lives

Step 6 — Bug Bounty (Get Paid)

• HackerOne | Bugcrowd | Intigriti | YesWeHack | Synack —> Start with public programs
• PentesterLab — Great for learning web bugs with a bug bounty focus