Needless to say, it is definitely not enough to just build a lab and try to use it without any certain plan and proper learning. This approach can bring some knowledge and skills, but it does not allow you to develop them systematically and comprehensively. We believe that a person who has learned just several attack techniques without a proper background preparation cannot reliably perform a penetration test and will identify only a part of all vulnerabilities and security flows in a target system or infrastructure.
Thus, it is essential for penetration testers to constantly improve their skills to be able to identify not only the common security vulnerabilities and misconfigurations, but also identify atypical ones using deep technology understanding and their own acquired experience.
Let's briefly introduce you to the main penetration testing domains (topics) you might be interested in.