beginner-first · no login

Learn ethical hacking,
from zero.

A structured, opinionated path into VAPT, taught in plain language, with a practice terminal in the browser. Nothing to install, nothing to sign up for.

open lessons in-browser terminal local progress
hackingpath ~ practice/home/learner
booting sandbox shell…
// how it works

Three steps. That's the whole loop.

01

Read the lesson

Short, plain-language chapters. We explain the why before the how, with everyday analogies.

02

Practice in the terminal

Each lesson opens with a sandbox shell. Try the commands as you read, no VM to install.

03

Mark it done, move on

Progress saves locally in your browser. Pick up exactly where you left off, no account required.

// the path

From mindset to first scan.

View full path
phase · 1

Security Foundations & How the Web Works

The mental model and the moving parts: how to think about security, and how a single web request travels from your browser to a server and back.

Week 1
Security Fundamentals
  • CIA Triad & Threat Framing
  • Authentication, Identity & Non-repudiation
  • Anatomy of a Cyber Attack & Security Programs
Week 2
How a Website Works
  • How the Internet Works, TCP/IP & Ports
  • IP Addresses, Subnetting & CIDR
  • The Request Journey & Where Attacks Live
Week 3
Protocols, Ports & Human Attacks
  • Protocols, Ports & TCP vs UDP
  • DNS on Linux, localhost & URL Anatomy
  • Social Engineering & Phishing
phase · 2

Linux & Networking

Get fluent at the Linux shell every tool runs on, then understand how networks are built, divided, and defended.

Week 4
Linux Essentials
  • Linux: Files, Folders & Navigation
  • Linux: Searching, Permissions & Processes
  • Linux: Network Commands
Week 5
Networking & Defense
  • Proxies, Traffic & Routing
  • Network Segmentation & VLANs
  • Firewalls: Stateless, Stateful & WAF
Week 6
Enumeration & Scanning
  • Enumeration & Port Scanning with nmap
  • Subdomain Enumeration: Passive & Active Recon
Week 7
Remote Access & File Transfer
  • Configuring SSH & FTP: Login, Transfer, Tunnels
phase · 3

Traffic Analysis & Encryption

Open up encrypted connections and the packets on the wire: how TLS and certificates build trust, and how to read traffic with Wireshark-style filters.

Week 6
TLS, Certificates & Trust
  • TLS, SSL & the Handshake
  • Certificates & the Chain of Trust
Week 7
Reading Traffic with Wireshark
  • Meet Wireshark: Packets, Sniffers & Analyzers
  • Wireshark Display Filters
// the terminal

A safe shell, right beside the lesson.

Every lesson comes with a sandboxed terminal. Try the commands as you read - nothing to install, nothing to break. When you graduate to a real lab, the muscle memory comes with you.

  • Mocked nmap, ping, dig, cat, ls, instant feedback.
  • Real terminal feel: prompt, history, Ctrl-C.
  • Pluggable boundary, swap the mock for a real backend later, the UI doesn't change.
practice, sandbox shell/home/learner
booting sandbox shell…