You Don't Need to "Get Good" Before Starting Cybersecurity. You Just Need the Right Starting Point.
I have lost count of how many times I have seen some variation of this question posted in forums and Discord servers:
"I want to get into ethical hacking. Should I start with TryHackMe or HackTheBox?"
It is a reasonable question. Both platforms are well-known, both are respected in the industry, and both come up constantly in conversations about cybersecurity learning. The problem is that the question itself assumes you are already ready for either of them.
A lot of beginners find this out the hard way. They sign up, stare at a challenge that assumes they already understand Linux file permissions and how TCP handshakes work, and close the tab feeling like cybersecurity is just not for them. It is not that they are not capable. It is that they were handed a climbing rope when what they actually needed was a ladder.
The Honest Truth About TryHackMe and HackTheBox
Let me be clear: TryHackMe and HackTheBox are genuinely good platforms. They have helped a lot of people build real skills and land real jobs. This is not a takedown post.
But they were designed with a certain user in mind. That user has some foundation already. They know their way around a terminal. They understand basic networking. They have probably broken something on their own machine before and had to figure out how to fix it. TryHackMe is more beginner-friendly than HackTheBox, but even TryHackMe's "beginner" rooms can leave someone with zero context feeling completely stranded.
The onboarding assumes knowledge. The explanations assume vocabulary. When you get stuck, you are mostly on your own unless you go hunting through Reddit threads or YouTube walkthroughs that are often outdated.
None of that is a design failure for their audience. It just means they have an audience, and if you are brand new, you might not be in it yet.
What "Starting From Zero" Actually Looks Like
Starting from zero does not mean you are slow or behind. It means you have not been exposed to this world yet. You might not know what a buffer overflow is. You might not understand why SQL injection works or what XSS even stands for. You might not know how privilege escalation fits into an attack chain.
That is completely fine. Everyone who works in security started somewhere, and the somewhere was almost never a polished, confident entry into a complex hacking platform.
What someone starting from zero actually needs is context before challenge. Not just a room to complete, but an explanation of why the thing you are doing matters, what is happening under the hood, and what to try when you are stuck.
This is the gap that most platforms leave open. They give you the challenge but not the scaffold.
How Atomic AI Approaches the Beginner Problem Differently
Atomic AI is a terminal-style cybersecurity training platform built specifically to close that gap. The rooms cover real attack categories: SQL injection, cross-site scripting, buffer overflows, privilege escalation. These are not toy exercises. They are the same techniques that show up in CTF competitions and real-world penetration testing.
The difference is how you move through them.
Atomic AI has a built-in AI mentor, also called Atomic, that is present throughout every challenge. When you get stuck, you do not close the tab and go search YouTube. You ask Atomic. You get a hint, an explanation, or a nudge in the right direction. The goal is not to hand you the answer but to help you actually understand what is happening.
There is also a progression system built around XP, levels, and leaderboards, along with daily missions, a clan system for teaming up with others, and a season pass structure that gives you something to work toward. These are not gimmicks. Learning is genuinely harder without structure, and having a clear sense of progress makes a meaningful difference in whether someone sticks with something or abandons it.
It was built by Pavlopanda, a solo developer based in Geneva, Switzerland. That context matters a little. This is not a corporate product designed by a committee. It is something built by someone who cares about making cybersecurity accessible to people who are not already halfway there.
You can start for free at atomicai.ch, and if you have questions or want to reach the developer directly, you can contact him at pavlo@atomicai.ch.
Practical Advice for Absolute Beginners
If you are genuinely starting from zero, here is what I would suggest:
Do not start with HackTheBox. It is excellent but it is not built for you yet. Come back to it once you have some footing.
Be skeptical of roadmaps that skip the fundamentals. A lot of "how to get into cybersecurity" guides jump straight to tools like Nmap and Metasploit without explaining what a network packet is. You will memorize commands without understanding them, which means you will be helpless the moment anything deviates from the script.
Learn in environments that give you feedback. Reading about SQL injection is not the
Top comments (0)