Hella free resources, TryHack me is begging friedly both for offensive pentesting and SOC stuff. They also give certs and student discount in my opinion free is enough but paid is better. Next HackTheBox more advance coveres multiple different domains of cybersec. I would try hacking into a starter box after doing the vpn since its free or start by watching a ippsec walkthrough of a easy box, they are much harder than you think. Next PenTester Academy more code focused and web security

4

Reach out if you need more specific guidance to what you wanna do, i would probably start by deciding offensive or defensive but you will have to learn both either way just that you can specialize later on. Offensive is fire if your into that and has multiple domains to focus on like we application pentesting, network pentesting, hardware pentesting. Check out live overflow on yt. You can also do advance stuff once more adpet like Active Directory Pentesting and malware development with C2

3