I am currently trying to learn cyber security, specifically pentesting. I also do blue team things now and then, but not too often. I’ve started about 2 years ago with programming in python, later golang. I feel like I am decent in both. However when it comes to pentesting and security in general. It doesn’t feel like I’m doing progress whatsoever. I know about theoretical Linux, networking, programming and that stuff, but when it comes to the hands on tasks, I fail miserably. I know know how HTTP works, but can’t do easy Hack the Box CTFs without a complete writeup (not just little hints). I solved a few CTFs on different platforms with the help of writeups because I thought I just lacked the creative thinking part, but I don’t see any progress. And when I feel like doing CTFs, I quickly loose motivation because I don’t get anything done. Can anyone relate? How can I overcome this?
Like anything else, start slow. Do easy CTF challenges without the write up. Or at least go through the logic of how you’d approach the solving the problem. If you need help using tools, that’s just experience and reading the documentation. Tools come and go (some quicker than others). But the logic and problem solving skills are the foundation. If you always use a crutch/training wheels, you’ll always rely on them.
Like riding a bike, take it slow. Set a timer to problem solve. When the timer goes off, implement what you came up with. If it doesn’t, go back to the write ups and see what they did. Keep doing that for longer cycles until you solve one without write ups.