I know this may be a very general question, but there are so many resources I don’t know where to start.
I’m afraid with the free TryHackMe plan I’m limiting myself a lot.
I know portswigger trining, is it better than TryHackMe?
Am I better off starting directly with CTFs? If yes, which is the best to use? (overthewire, hackthebox …)
Is roadmap.sh reliable?
How important are the certificates? I am a tech illiterate but never cared about certificates.
Or as a last resort, is it better to start directly with hackthebox?
I wrote this up a while ago and you may find it useful - https://shellsharks.com/getting-into-information-security.