Embarking on the journey of ethical hacking can be daunting, but with the right resources and mindset, you can master the skills needed to protect digital systems. Here's a guide to the best resources for learning ethical hacking, curated from the experiences and advice of Redditors:
Ethical Hacking Subreddit: A great place to start and get advice. "Checking out the ethical hacking subreddit is a good start."
HackTheBox and TryHackMe: These platforms offer hands-on practice in a gamified environment. "get an account on HackTheBox/TryHackMe (TryHackMe is more beginner friendly and is worth buying the subscription)"
VulnHub: Provides vulnerable virtual machines for practice. "Try something like vulnhub. They have vulnerable virtual machines."
Relevant Subreddits: Join communities like r/cybersecurity, r/oscp, r/netsec, and r/netsecstudents for further learning and networking.
Networking and Programming Basics: Crucial for understanding how systems work and can be exploited. "Getting to know at least a little about networking will be helpful, as most hacking/pentesting is done by gaining access to a network rather than writing code."
Kali Linux: A popular distribution with many hacking tools preinstalled. "Kali Linux comes with all this stuff preinstalled if you have a machine you can install it on."
Key Tools: Practice with tools like nmap, Burp Suite, Wireshark, John the Ripper, and IDA. "playing around with tools like nmap (network mapper), Burp Suite (proxy and vulnerability scanner), Wireshark (packet sniffer), John the Ripper (password cracking), IDA (disassembler) and others will be very helpful."
Vulnerability Concepts: Learn about common vulnerabilities like SQL injection, XSS, and buffer overflows. "Vulnerabilities that involve code often involve oversights in checking and sanitizing inputs, so learning about SQL injection, cross-site scripting (XSS) and buffer overflows will be helpful."
CompTIA Certifications: A good starting point for IT and cybersecurity careers. "I'm pursuing CompTIA certs right now as a starting point."
Hack The Box Pentesting Path: A challenging but rewarding certification. "Hack The Box Pentesting path. If you get that certification it proves you can do it all."
CEH or Security+: Recommended for those looking to work in cybersecurity. "Do you want to work in cybersecurity? If yes, then go for CEH or Security+."
Deep Dive into Theory: Understand the underlying principles behind hacking techniques. "The theory was as important as the code itself."
Persistence and Research: Essential for problem-solving and continuous learning. "If you can't research on your own, this field is not for you."
Long-Term Commitment: Ethical hacking takes time and dedication. "It takes months, if not years to get to a point where you are competent and confident."
Capture The Flag (CTF) Events: Participate in CTFs to test and improve your skills. "You can check out “capture the flag” events, tutorials or answers."
Vulnerability Disclosure Programs (VDPs): Safely find and report vulnerabilities to companies. "You can also test your skills on companies/organizations that offer VDP (Vulnerability Disclosure Program)."
Exploit Old CVEs: Practice by trying to exploit known vulnerabilities. "Look up old CVEs and try to exploit them?"
Great Learning: Offers an "Introduction to Ethical Hacking" course. "Great Learning Course: Introduction to Ethical Hacking"
Simplilearn: Provides an "Ethical Hacking for Beginners" course. "Simplilearn Course: Ethical Hacking for Beginners"
MyGreatLearning: Another option for an "Introduction to Ethical Hacking" course. "MyGreatLearning Course: Introduction to Ethical Hacking"