DEV Community

Atomic Ai
Atomic Ai

Posted on

I Tried Learning Cybersecurity on TryHackMe and HackTheBox as a Complete Beginner. Here Is What Actually Happened.

I Tried Learning Cybersecurity on TryHackMe and HackTheBox as a Complete Beginner. Here Is What Actually Happened.

Let me be honest with you. When I first decided to get into cybersecurity, I did what every YouTube video told me to do. I signed up for TryHackMe. I made an account on HackTheBox. I opened a terminal and stared at it for about forty minutes before closing my laptop and watching Netflix instead.

This is not a criticism of those platforms. They are genuinely excellent. But there is a conversation that nobody seems to be having openly, which is this: both of them are built with a certain baseline assumption about who you are. They assume you have touched Linux before. They assume you know what a port is. They assume that when something breaks, you have enough background knowledge to at least Google the right question.

If you are starting from absolute zero, that assumption is a wall.


What TryHackMe and HackTheBox Actually Expect From You

TryHackMe markets itself as beginner-friendly, and relative to HackTheBox, it is. The guided rooms are structured, the content is well-written, and there are paths designed for newcomers. But "beginner-friendly" in the cybersecurity world still often means "beginner-friendly if you have been tinkering with computers your whole life."

HackTheBox is more honest about this. The platform is competitive by design. The community is skilled. The machines are intentionally difficult. If you go in without a foundation, you will not just struggle, you will have no idea why you are struggling or what to search for. That feeling of not even knowing what you do not know is genuinely demoralizing.

Neither platform is doing anything wrong. They built their products for a real audience. That audience just does not include someone who is on day one of their cybersecurity journey with no prior technical background.


The Specific Problem With Dropping Beginners Into CTF Rooms

Capture the Flag challenges are a fantastic way to learn. Hands-on practice in a safe environment, realistic attack scenarios, immediate feedback when you succeed. The format works. The problem is context.

When you are new, you do not just need to know what to type. You need to understand why you are typing it. You need someone to explain what SQL injection actually is before you try to exploit it. You need to understand what a web server does before you try to manipulate its headers. You need the mental model before you can apply the technique.

Walking into a CTF room cold, without that foundation, means you are essentially following a walkthrough you found on YouTube without understanding a single line of what is happening. You complete the challenge. You feel nothing. You learned nothing transferable.

The guided hints on most platforms help, but they are hints, not teaching. There is a meaningful difference.


What a Platform Built for True Beginners Looks Like

This is where I want to talk about something I came across recently called Atomic AI.

The framing is different from the start. It is a terminal-style cybersecurity training platform, which means it feels like the real thing from day one, but it is built around the assumption that you are new. Not new like "you have done one CTF before." New like "I want to learn hacking and I have no idea where to start."

The core mechanic is real CTF rooms covering the topics you would expect: SQL injection, XSS, buffer overflows, privilege escalation. But built into the platform is an AI mentor called Atomic. Not a hint system. Not a forum where you wait for someone to answer your question. An actual mentor layer that guides you through each step, explains what is happening and why, and adjusts based on where you are.

For someone coming in from zero, that distinction matters enormously. The difference between "here is a hint" and "here is why this vulnerability exists and here is what you are about to do about it" is the difference between completing a challenge and actually learning something.

The platform also has XP, levels, leaderboards, daily missions, a clan system, and a season pass, which sounds gamified because it is. Deliberately. Learning a hard technical skill requires consistency, and consistency requires motivation. Structure helps. Progress you can see helps.

It is built by a solo developer named Pavlopanda out of Geneva, Switzerland, which I find worth mentioning because there is something different about a product built by one person who clearly cares about a specific problem versus a platform built by a team optimizing for retention metrics.

You can start for free at https://atomicai.ch. If you want to reach out directly, the developer is reachable at pavlo@atomicai.ch.


Practical Advice for Anyone Starting From Zero Right Now

Whether you end up on Atomic AI, TryHackMe, HackTheBox, or somewhere else entirely, here is what will actually help you:

Start with context, not challenges. Before you touch a CTF room, understand what you are trying to exploit and why it exists. A SQL injection vulnerability is not just a trick. It is the result of a

Top comments (0)