Making learning security fun

What do you do to make learning security fun?

Here are a few things I am a big fan of:

  1. War game sites, i.e., things like TryHackMe, HackTheBox, Root-Me and a LOT of others.
  2. Capture-The-Flag events (CTFs). Even if you don’t solve a challenge, you learn something, which means 100% of the time, you win every time. :slight_smile: Check out OpenToAll if you want to join a team/community to learn more. CTFtime is a great resource for when CTFs are happening. They happen EVERY single week. Seriously.
  3. Study groups. I really enjoy bouncing ideas around with others. A study group based on working through a security book or focused on building a skill is a great way to learn as well as to network. For example, I am part of a local group (that meets over zoom) that alternates between going through a book and doing something active, like a set of challenges.
  4. Personal challenges. I always have 1-2 of these going at any time. I set a goal to learn something or achieve a certification. I pick a “prize” if I am successful. Clearly, I like gamification of these kinds of things, so I make a fun personal challenge out of it.

What works for you?


Being told I cannot do something or am not allowed in :wink: I like proving people wrong

1 Like

Do you guys have any recommendations for learning resources for those who are younger? Maybe high school or even middle school, age-wise. I know a couple people who have kids that are pretty interested in learning more on the security side, and they don’t have a ton of good resources for it at school.

So my oldest son is heavily into scripting and computers, so I’ve pointed him to free cybrary, what used to be Microsoft Virtual Academy (not sure what they renamed it too), and various scripting sites that are all free…specifically Python. That coupled with me answering his questions.

My younger sons use Scratch(sp?) for their initial coding. They are all still trying to filter out what they enjoy doing, but it’s turning out to be coding and programming.


Check out PicoCTF. It is geared toward a younger audience.

Nostarch also has a ton of great books for kids.

Do you know where their interests might be? There are also some great programming sites that have gamified the entire learning to program experience.

Sorry, one last edit…many high schools now have CTF teams. They could look into that. That way they could try a variety of things like reverse engineering, programming, binary exploitation, web application security, crypto and so on. Some of the high school teams are really good too which implies a great learning environment.

1 Like

Ooh I haven’t seen Scratch before, this looks like a cool starting point for kids programming. I feel like kid me would’ve loved a story creator like this :open_mouth:

They’ve been pretty interested in programming and red teaming, actually. Something CTF oriented might really be up their alley.

Thanks for the other recommendations as well, I’ll pass them on!

1 Like

I definitely recommend Scratch, it was built with elementary aged kids in mind and a lot of people do game jams with it.

1 Like