The start of a new year always feels like a natural pause point. Not to judge myself too harshly, but to take an honest look at where I am, what I’ve learned, and where I want to go next.
2025 didn’t go the way I expected. Personal circumstances slowed things down more than I wanted, and at times it felt like I was constantly playing catch‑up. Still, when I actually sit down and reflect, there’s a lot there — just not always in the way I originally imagined.
Looking back at 2025
I didn’t achieve everything I set out to do — and that used to bother me. Now, I see it differently. What did happen last year:
- I earned CEH Practical
I failed the theory exam twice and eventually decided to let that part go. Frustrating at the time, but clarifying: I enjoy hands-on work far more than memorization, and passing the practical exam felt like a confirmation that I’m on the right path for how I learn.
- I completed a lot of TryHackMe rooms
Not just rushing flags, but really trying to understand what was happening under the hood. Enumeration, APIs, misconfigurations — repetition slowly made things click.
- I built and improved my homelab
Servers, services, smart home devices — breaking my own setup (and fixing it again) taught me more about real-world systems than any single course ever could.
- I consistently wrote blog posts
This became more important than I expected. Writing forces me to slow down, reflect, and explain things clearly — even when something didn’t fully work. It made learning stick.
- I ran into real security issues at work
Not lab scenarios or CTF flags, but actual misconfigurations and unsafe handling of sensitive data. No public write-ups, no screenshots, no recognition — just quietly reporting and seeing things fixed. It was my first real reminder that security isn’t about flags or exploits, but about reducing risk in places that actually matter.
There were many moments where everything felt way over my head. Topics didn’t click immediately. Exploits failed. Progress felt slow. But over time, confusion turned into familiarity. Even when I couldn’t exploit something yet, I understood why. And that’s progress. This path clearly isn’t short. It might take years. And I’m okay with that.
I’m 25. I’ve got time.
What I learned about myself
- I learn best by doing, not memorizing
- Writing things down helps me understand what I don’t know yet
- Feeling stuck usually means I’m learning something new
- Cybersecurity rewards patience more than speed
Once I accepted that, the pressure eased.
Looking ahead to 2026
This year isn’t about chasing titles or rushing certifications. It’s about building strong foundations and staying consistent.
Technical goals
- PEN‑100 training
I want to slow down and really nail the basics — networking, Linux, enumeration, and exploitation fundamentals. - Sharing my GitBook
Manuals, cheat sheets, personal notes from courses — not because they’re perfect, but because they might help someone else. And honestly, because writing them helps me learn. - Working toward OSCP
No fixed deadline. No pressure. Just steady, deliberate progress.
Community & impact
- Becoming a cyber ambassador for my city
This includes formal training and earning a certification. Beyond that, I’ll help organize and deliver more sessions on digital resilience — helping people understand online safety, privacy, and basic security hygiene.
This part matters to me. Not everyone needs to be a hacker — but everyone benefits from understanding how to stay safe online.
Final thoughts
2025 wasn’t perfect.
But it was real.
I didn’t become a pentester overnight. I didn’t collect every certification. What I did build was experience, awareness, and confidence — slowly, sometimes painfully, but honestly.
2026 is about continuing that journey.
No rush. No comparison.
Just showing up, learning, and sharing along the way.
Let’s see where it leads.