I watched couple of videos in the “video tutorials” but frankly the information squeezed in those 2.5 hours is overwhelming for me as a beginner. I am trying to takes notes of methodology, tools used, commands used etc etc but I feel like its a ■■■■ lot to remember. So either after watching a tutorial I keep doing same machine until I can do it on my own? Or is there any better way to practice those tools individually before I work on solving the machines. I am confused on the best way to proceed. Your suggestions will be highly appreciated.
Take it one step at a time. I know a 2.5 hour ippsec video is super long. but if he spends 10 minutes on something, maybe you spend an hour on it. if youre new to gobuster, run gobuster the way he runs it. then try different switches. read the man page. dont just look at it to solve the challenge he’s solving. try to understand everything that’s being done. play games with yourself - “if i change this argument, this will be different in the output”. if you’re right, you understand it. if not, figure out why.
also, take notes. break down into sections like recon, web recon, database, etc. start a big outline. everything you learn a new tool, write it down in there.
at the end of the day, you just have to practice and practice. it will come.
Practice. Practice. Practice. If it feels overwhelming then you are probably on the right track and just need to break what you are trying to learn into smaller tasks to research. It honestly feels like I am not learning much at all until I look back a year and think about how much I actually have learned.
Before I got into HackTheBox I was using intentionally vulnerable virtual machines I downloaded from vulnhub which usually had a handful of walkthroughs available by a few different users who completed it already. I found that was a little easier to start than HackTheBox.