How I Started Studying Cybersecurity

Por

If someone had told me a few years ago that I would voluntarily spend my nights learning how ports work, why firewalls sometimes act like moody bouncers, or how a simple misconfigured header can ruin someone’s day, I would have laughed. I mean, cybersecurity? That sounded like something straight out of a hacker movie—green code raining down a screen, a hoodie, and someone yelling “We’re in!” after two seconds of typing.

But life has a funny way of nudging us (sometimes pushing us aggressively) into the directions we never imagined. And that’s how my adventure into cybersecurity began—unexpectedly, clumsily, and with a few existential crises along the way.

Grab a coffee, because today I’m sharing how I started studying cybersecurity, how it changed my routine, what I learned, the disasters I caused in the process, and how all this chaos eventually became one of the best decisions of my life.

The Accidental Spark

Most people have dramatic stories about how they got into cybersecurity. Some were victims of a cyberattack, others were inspired by movies. In my case, the spark was… a boring afternoon.

One day, while scrolling mindlessly through YouTube, I stumbled upon a thumbnail that said something like:

“I hacked my own Wi-Fi in 10 minutes (and so can you!)”

It sounded illegal, dangerous, irresponsible—and exactly the kind of harmless chaos I needed.

I clicked.

Ten minutes later, I had no idea how to hack my Wi-Fi, but I did discover two things:

  1. My router password was embarrassingly weak.
  2. There was an entire universe behind the word cybersecurity.

And that was the beginning.

The First Dive Into the Rabbit Hole

After that video, the algorithm said, “Oh, so you like hacking now? Say no more,” and flooded me with pentesting tutorials, deep-web explorations, Kali Linux walkthroughs, and dramatic hacker documentaries narrated as if the world was ending.

I didn’t understand 90% of what I was watching, but that didn’t stop me.

One night I finally said:

“Okay… Let’s actually learn this.”

So, I googled “how to start studying cybersecurity.”

That was my first mistake.
Or maybe my first victory.
Depends on how you see it.

Suddenly I found myself surrounded by unfamiliar terms:
ports, encryption, Nmap, Linux, exploits, vulnerabilities, CVEs, pentesting, threat modeling…

My brain screamed:

“This is too much.”

But another part of me whispered:

“This is fascinating.”

Spoiler: the whisper won.

The First Tools I Installed (and Immediately Broke)

Like every excited beginner, I began installing everything I saw in tutorials.

First came Kali Linux.
Well, not exactly “came”—more like “attempted to come.” Because installing it was a struggle that deserves its own Netflix documentary.

I broke my dual-boot.
I broke my Wi-Fi drivers.
I almost broke my sanity.

But eventually, after many tutorials, a few desperate forum posts, and a small prayer, I got it working.

Then I installed:

  • Nmap (because apparently every hacker uses it)
  • Burp Suite (even though I thought it was a browser plugin)
  • Wireshark (and stared at hundreds of packets doing absolutely nothing with them)
  • John the Ripper (the name alone made me feel 20% more powerful)

Did I know how to use any of them?
Absolutely not.

Did I pretend I did?
Absolutely yes.

The First Real Lesson: Security Requires Humility

One of the funniest things about starting cybersecurity is that it challenges every belief you ever had about your own intelligence.

Before I began, I thought:

“I’m pretty smart. How hard can cybersecurity be?”

After two days, I was questioning my entire existence.

A single error message can humble you more than any philosophy class.

Cybersecurity slapped me in the face and said:

“You know nothing. Now sit down and learn.”

And weirdly, I liked it.

Choosing a Path (because cybersecurity has 50 of them)

As I learned more, I discovered cybersecurity wasn’t just hacking into systems. It was a massive field with dozens of branches:

  • Pentesting
  • Digital forensics
  • Incident response
  • Malware analysis
  • Threat hunting
  • Cloud security
  • Governance, risk, and compliance
  • Red Team / Blue Team operations
  • Mobile application security
  • Network security

This was both exciting and terrifying.

It felt like entering a giant candy store where everything looked delicious—but you only had one stomach.

After some exploration, experimentation, and a few accidental crashes of test environments, I realized something:

I loved breaking things to understand them.

Pentesting was calling me.

The Moment I Really Felt Like a Hacker

It didn’t happen when I installed Kali.
It didn’t happen when I ran Nmap.
It didn’t happen when I launched Burp Suite for the first time.

It happened the day I ran my first successful exploit.

Before you panic: yes, it was in a legal environment.

I was solving a box on Hack The Box, sitting there staring at a terminal like a proud parent watching their child take the first step.

When that shell popped, I whispered to myself:

“I’m in.”

It wasn’t Hollywood hacking, but let me tell you—it felt better than any movie scene.

Breaking My First CTF… and My Brain

Capture The Flag challenges quickly became my new obsession.

They were puzzles, games, brain teasers, and hacking lessons disguised as entertainment. And they forced me to learn:

  • How web vulnerabilities work
  • Why SQL injection is more beautiful than people think
  • How buffer overflows operate
  • How enumeration is 90% of hacking
  • Why reading documentation is a superpower
  • And why forgetting a semicolon can cost you two hours of life

Some challenges destroyed my ego.
One or two nearly made me rage quit.

But finishing a box gave me a dopamine hit strong enough to keep me going for weeks.

Learning That Cybersecurity Is More Than Tools

At one point I was obsessed with tools. I wanted to install everything.

But slowly I realized:

“Tools don’t matter. Understanding does.”

A hacker with 3 tools and knowledge will always beat someone with 100 tools and no idea what they’re doing.

Cybersecurity is:

  • logic
  • curiosity
  • problem-solving
  • creativity
  • persistence
  • pattern-recognition

And, honestly, a healthy dose of stubbornness.

The First Time I Helped Someone Stay Safe

One of the most meaningful moments in my journey happened when a friend asked me:

“Can you check if my website is secure?”

I ran a quick assessment, found a couple of flaws, explained what they meant, and gave him steps to fix everything.

He was grateful.
I felt useful.
And for the first time, I realized:

Cybersecurity isn’t just a cool skill—it’s a way to protect people.

That changed everything.

Building My Study Routine

Studying cybersecurity is like going to the gym:
If you do it once a month, nothing happens.

So I created a routine:

  • 1 hour of theory
  • 1 hour of hands-on practice
  • Weekends for labs (HTB, THM, PortSwigger Web Academy)
  • Notes, notes, and more notes

And slowly everything started making sense.

The Day Everything “Clicked”

Every beginner eventually reaches that magical moment when things that once seemed impossible suddenly become clear.

For me, it was while analyzing a web app:

I understood the request.
I understood the response.
I saw the vulnerability.
I knew exactly what to do.

And I thought:

“Wow… I’m actually learning.”

That moment is priceless.

Why I Stayed in Cybersecurity

Cybersecurity isn’t easy.
It isn’t fast.
It isn’t something you master in two months.

But it is:

  • rewarding
  • exciting
  • challenging
  • constantly evolving
  • intellectually stimulating
  • creative
  • fun

And for someone like me—someone who loves solving puzzles, understanding systems, and helping people stay safe—it turned into a passion.

If You’re Thinking of Starting, Here’s My Advice

1. Don’t be afraid of not knowing. Everyone starts clueless.

Seriously. No one is born knowing what a CVE is.
You learn. Everyone learns.

2. Break things (legally).

Use:

  • Hack The Box
  • TryHackMe
  • DVWA
  • Metasploitable
  • Juice Shop

Hands-on experience is everything.

3. Take notes. Then take notes of your notes.

You will forget things. Write everything.

4. Don’t compare yourself to others.

Cybersecurity is a marathon, not a race.

5. Enjoy the journey.

If you’re not having fun, you’re doing it wrong.

Cybersecurity Changed My Life

I started studying cybersecurity because of a random YouTube video.
But I stayed because I fell in love with the field.

Cybersecurity challenges me, frustrates me, excites me, and motivates me every single day.

It turned curiosity into skill.
It turned confusion into knowledge.
It turned fear into confidence.

And the best part?

I’m still just getting started.

Because cybersecurity isn’t a destination—it’s a never-ending adventure.

And I’m here for all of it.