I know this may be a very general question, but there are so many resources I don’t know where to start.
I’m afraid with the free TryHackMe plan I’m limiting myself a lot.
I know portswigger trining, is it better than TryHackMe?
Am I better off starting directly with CTFs? If yes, which is the best to use? (overthewire, hackthebox …)
Is roadmap.sh reliable?
How important are the certificates? I am a tech illiterate but never cared about certificates.
Or as a last resort, is it better to start directly with hackthebox?
It will help me to get into Offensive security? Or just an entry point to proceed using “tools”
It would seem best to understand both offensive and defensive aspects of security, which, of course, is based on the fundamentals. There are no shortcuts to download a tool and become anything in Cybersecurity space because people who understand the fundamentals can easily counter most “amateur” attacks.
For example, if I hire somebody interested in a certain type of security position, my first question will always be the opposite… If you want to attack X, how would you defend it? and then how would you circumvent that defense, etc.