Chapter 1 · Lesson 1

Welcome to the Ethical Hacking Bootcamp

This opening lesson hands you the map of the bootcamp: what the 25 sections cover, how lessons, labs, and quizzes work together, and the study habits that build real skill.

11 min read Text Updated 2 hours ago Free preview
In this lesson you'll learn
  • Describe what the bootcamp covers and the journey from beginner to a full assessment lifecycle.
  • Explain how lessons, hands-on labs, and quizzes work together to build skill.
  • Set up a sustainable study routine and an isolated practice environment.
  • Create free accounts on the practice platforms you'll use throughout the course.

What this course makes you capable of

This is a complete, beginner-friendly path into offensive and defensive security. You need no prior coding or networking background — only basic computer literacy and curiosity. By the end you will be able to build and operate a safe, isolated penetration-testing lab; run a full assessment lifecycle from reconnaissance through scanning, vulnerability analysis, controlled exploitation, privilege escalation, and finally reporting; use the core professional toolset confidently and ethically; understand the blue-team side (detection, hardening, incident response); and write a clear security report in the language of CVE, CVSS, OWASP, and risk. The course also maps directly onto industry certifications — CompTIA Security+, PenTest+, and CEH — so your learning doubles as exam preparation.

The whole thing is structured as a deliberate progression. You start with the fundamentals every hacker leans on — networking, Linux, and a lab to break things in — then climb into recon, scanning, web security, exploitation, and the defensive and career material that rounds out a real professional. Each lesson is text plus a hands-on component, because security is a skill you build with your hands, not just your head.

Foundations Net · Linux · Lab · Crypto Offensive skills Recon → Exploit → Privesc Defense & report Blue team · Writing Career Certs · Capstone
The bootcamp moves left to right: solid foundations, then offensive skills, then defense and reporting, finishing with career readiness.

How lessons, labs, and quizzes fit together

Every lesson follows the same rhythm so you always know what to expect. You read the concept, see it illustrated, study a real-world example, then put it into practice in a lab and check yourself with a short quiz. The reading builds your mental model; the lab cements it through muscle memory; the quiz exposes gaps before they compound. Skipping the labs is the single most common way learners stall — knowledge that is never exercised fades fast. Treat the hands-on portion as the main event, not an optional extra.

Because real offensive work is done against live systems, every offensive technique in this course is demonstrated only against intentionally vulnerable, isolated lab targets you control. You will build that lab in Section 4. Until then, the only "tools" you need are a browser and a notebook.

1 · Read 2 · Lab 3 · Quiz 4 · Review
The learning loop: read the concept, run the lab, take the quiz, then review what tripped you up — and repeat.
Scenario

A day in the life of a junior penetration tester

Maya is three months into her first security job. Her morning starts with a kickoff call: the client confirms the scope — two web applications and a single /24 network range — and signs the rules of engagement. That signature is non-negotiable; without it, the work she is about to do would be a crime.

By mid-morning she is doing reconnaissance, mapping the client's external surface, then scanning for live hosts and open services. After lunch she validates a handful of scanner findings by hand, discards the false positives, and carefully exploits one genuine flaw in the lab-mirrored test environment to prove impact. She screenshots every step, because evidence is the product.

Her afternoon ends not with a dramatic break-in but with writing: a clear finding, a risk rating, and a concrete fix the client's engineers can action. The technique was only part of the job — disciplined documentation is what the client actually pays for. That full arc, kickoff to report, is exactly the arc this course trains you to walk.

Hands-on Exercise

You don't need a lab yet. Get your free learning platforms ready and block out study time.

  1. Create a free account on TryHackMe (tryhackme.com) — guided, gamified rooms that pair perfectly with these lessons.
  2. Create a free account on the PortSwigger Web Security Academy (portswigger.net/web-security) — the best free resource for the web material in Sections 10 and 11.
  3. Make a notes folder. A simple Markdown file per topic is enough to start: 
    $ mkdir -p ~/eh-notes/section-01
$ echo "# Lesson 1.1 — Welcome" > ~/eh-notes/section-01/1-1.md
created ~/eh-notes/section-01/1-1.md
  4. Schedule it: pick two or three fixed weekly study blocks. Aim for roughly 60–80 hours of study plus ~40 hours of labs across the course — sustainable beats heroic.
Lesson Summary
  • The course takes you end to end: foundations, offensive skills, defense, reporting, and career.
  • Each lesson pairs reading with a lab and a quiz — the hands-on part is where real skill forms.
  • All offensive work happens only against isolated lab targets you control (built in Section 4).
  • A consistent routine and good notes beat marathon cramming every time.
Sign up to track progress