I did it. I finally finished Starting Point.

Well, at least the free machines. I’m not ready to pay for VIP just yet, lol. So, archetype, oopsie, vaccine, shield, and pathfinder.

That was a ■■■■ of an initiation. It feels as though these machines are designed as like a brick wall to weed you out if you’re not already conversant with a lot of the key required skills. The walkthroughs lead you down rabbitholes or give you misleading information, steps get skipped, nothing is properly explained, stuff almost never just works without a lot of additional wrangling, and a lot of the core things you need to know how to do are just never told to you at all. I would not say someone who’s “new to hacking and cyber security” is equipped to take these on.

That said, I was able to do it, thanks to my existing experience with linux, python, ruby, and a loooooooot of googling and youtubing and troubleshooting and poring over CVEs. It feels like I’ve been through the wringer. Took me about two weeks, all told. I feel like, in overcoming this lab, I indirectly learned a lot of what’s going to be required of me to succeed in this field. Being able to synergize incomplete information to get a picture of what I need to do. Being able to independently find solutions to obscure problems. Being always aware of context and keeping good notes. Being able to do research and understand dense reports and extract the key info. Knowing your tools and where to find things you’re missing. And always always always being thorough with enumeration. So, in that larger sense, SP was exactly what it needed to be, for me.

Anyway!

*Hacker voice:* I’m in.

Your thoughts? What was your experience with SP like, or did you skip it? What was it like learning to hack in general, for you? Old hands and hacking vets, I’d love to hear your stories from back in your nublet days!

well done :wink:

[redacted]

your 100% on point with your description of starting point. the feeling of getting the flags has me way happier then it should ■■■■. but deff learned some sold ■■■■ so far.

Congrats. Keep it up.

I just finished oopsie here. Im a noob. And you are right my friend, in the tutorials nothing is explained properly lol! I had to DuckDuckgo and Youtube a lot and still…some commands are still not clear like " Why am i inputting this command? What does this do?" Like bro, im moving around almost blindly on some steps.
Linking some articles in the tutorials with explanation for the tools for the layman would be really appreciated.

@OmiceyO said:

I just finished oopsie here. Im a noob. And you are right my friend, in the tutorials nothing is explained properly lol! I had to DuckDuckgo and Youtube a lot and still…some commands are still not clear like " Why am i inputting this command? What does this do?" Like bro, im moving around almost blindly on some steps.
Linking some articles in the tutorials with explanation for the tools for the layman would be really appreciated.

I think this is why HTB created the Academy.

Ippsec has a good intro - https://www.youtube.com/watch?v=hBjksyVmspY&ab_channel=IppSec

From what I can tell, Starting Point is still aimed at exploratory learning, rather than guided learning.

I think, in practice, it wouldn’t be possible to link “some articles” and even if HTB did, people would complain because the articles missed something or covered too much.

A good example is SSTI. There are thousands of articles about this, some better than others but that is very much a personal assessment. How can someone decide which is the best article for me to read to learn something about it?