All Roadmaps

Cybersecurity Roadmap

Learn network security, ethical hacking, threat analysis, and defense strategies to protect systems and data from cyber threats.

8-10 months14 topics across 5 stages
PythonBashC (for exploit dev)

Prerequisites

  • Basic computer skills
  • A text editor installed
  • Browser (Chrome recommended)
Don't have these? Start here

Recommended Tools

VS Code (Editor)Chrome DevToolsGit + GitHubTerminal/CMD

Your Progress

0 of 14 topics completed

0%

Security Foundations

5-6 weeks3 topics
0/3

1.Networking for Security

10-12 days

Deep understanding of networks — the foundation of all cybersecurity.

What you'll learn
  • OSI and TCP/IP models in depth
  • Common protocols (HTTP, DNS, SMTP, FTP, SSH)
  • IP addressing, subnetting, and routing
  • Packet analysis with Wireshark
  • Firewalls and packet filtering
  • VPNs and tunneling protocols
  • Wireless network security (WPA2/WPA3)
  • Network scanning (Nmap)
Practice Project

Network Analysis Lab

Set up a virtual lab, capture network traffic with Wireshark, identify protocols, scan a network with Nmap, and document findings.

2.Linux & OS Security

8-10 days

Master Linux administration with a security focus.

What you'll learn
  • Linux file permissions and ownership
  • User management and sudo
  • SSH hardening and key-based auth
  • Firewall configuration (iptables/ufw)
  • Log analysis (/var/log, journalctl)
  • Process monitoring and management
  • SELinux/AppArmor basics
  • System hardening (CIS benchmarks)
Practice Project

Hardened Linux Server

Set up a Linux server and harden it: disable root SSH, configure firewall, set up fail2ban, enable audit logging, and run a CIS benchmark scan.

3.Security Concepts & CIA Triad

5-6 days

Learn core security principles, threat modeling, and the security mindset.

What you'll learn
  • CIA Triad (Confidentiality, Integrity, Availability)
  • Authentication, Authorization, Accounting (AAA)
  • Threat modeling (STRIDE, DREAD)
  • Risk assessment and management
  • Security policies and compliance
  • Defense in depth strategy
  • Common vulnerability types (OWASP Top 10)
  • Security frameworks (NIST, ISO 27001)
Practice Project

Threat Model Document

Perform threat modeling on a sample web application using STRIDE. Document threats, assess risks, and propose mitigations.

🛠️Project Milestone 1

Threat Model Document

Perform threat modeling on a sample web application using STRIDE. Document threats, assess risks, and propose mitigations.

Build this before moving to the next stage

Ethical Hacking & Pentesting

6-7 weeks3 topics
0/3

4.Reconnaissance & OSINT

5-6 days

Gather intelligence about targets using open-source information.

What you'll learn
  • Passive vs active reconnaissance
  • OSINT tools and techniques
  • DNS enumeration and subdomain discovery
  • Google dorking and search operators
  • Social engineering basics
  • Metadata analysis
  • Shodan and Censys for device discovery
  • Footprinting and information gathering
Practice Project

OSINT Report

Perform OSINT on a target domain (with permission). Enumerate subdomains, find exposed services, discover email formats, and compile a report.

5.Web Application Exploitation

12-14 days

Find and exploit vulnerabilities in web applications.

What you'll learn
  • SQL Injection (Union, Blind, Error-based)
  • Cross-Site Scripting (Reflected, Stored, DOM)
  • Cross-Site Request Forgery (CSRF)
  • Server-Side Request Forgery (SSRF)
  • Insecure Direct Object References (IDOR)
  • Authentication and session attacks
  • File upload vulnerabilities
  • Command injection
  • Burp Suite for web testing
Practice Project

Web App Pentest Report

Exploit vulnerabilities in DVWA or Juice Shop. Document each finding with proof-of-concept, severity rating, and remediation advice.

6.Network Exploitation

10-12 days

Exploit network services and escalate privileges on compromised systems.

What you'll learn
  • Service enumeration and vulnerability scanning
  • Metasploit framework
  • Password attacks (brute force, spraying, cracking)
  • Privilege escalation (Linux and Windows)
  • Lateral movement techniques
  • Active Directory attacks basics
  • Post-exploitation and persistence
  • Pivoting and tunneling
Practice Project

CTF Challenge Completion

Complete 10+ machines on TryHackMe or HackTheBox. Document your methodology: recon, exploitation, privilege escalation, and flags captured.

🛠️Project Milestone 2

CTF Challenge Completion

Complete 10+ machines on TryHackMe or HackTheBox. Document your methodology: recon, exploitation, privilege escalation, and flags captured.

Build this before moving to the next stage

Defensive Security

5-6 weeks3 topics
0/3

7.SOC Operations & SIEM

10-12 days

Work as a security analyst — monitor alerts, investigate incidents, and use SIEM tools.

What you'll learn
  • Security Operations Center (SOC) workflow
  • SIEM concepts (Splunk, Elastic SIEM)
  • Log analysis and correlation
  • Alert triage and investigation
  • Indicator of Compromise (IoC)
  • MITRE ATT&CK framework
  • Sigma rules for detection
  • Incident classification and escalation
Practice Project

SIEM Lab Setup

Set up Elastic SIEM, ingest logs from multiple sources, create detection rules, investigate simulated attacks, and write incident reports.

8.Malware Analysis Basics

7-8 days

Analyze malicious software to understand how it works and how to detect it.

What you'll learn
  • Types of malware (viruses, trojans, ransomware, RATs)
  • Static analysis (strings, hashes, PE headers)
  • Dynamic analysis (sandboxing, behavior monitoring)
  • Setting up analysis environments safely
  • YARA rules for detection
  • Reverse engineering basics
  • Malware persistence mechanisms
  • Indicators of Compromise extraction
Practice Project

Malware Analysis Report

Analyze malware samples in a sandbox. Perform static and dynamic analysis, extract IoCs, write YARA rules, and produce a detailed report.

9.Incident Response & Forensics

8-10 days

Respond to security breaches and perform digital forensics.

What you'll learn
  • Incident response lifecycle (NIST/SANS)
  • Evidence preservation and chain of custody
  • Memory forensics (Volatility)
  • Disk forensics basics
  • Network forensics (packet captures)
  • Timeline analysis
  • Root cause analysis
  • Incident documentation and reporting
Practice Project

Incident Response Exercise

Respond to a simulated breach: collect evidence, analyze memory dumps, build a timeline, identify the attack vector, and write a post-incident report.

🛠️Project Milestone 3

Incident Response Exercise

Respond to a simulated breach: collect evidence, analyze memory dumps, build a timeline, identify the attack vector, and write a post-incident report.

Build this before moving to the next stage

Specialized Security

4-5 weeks3 topics
0/3

10.Cloud Security

8-10 days

Secure cloud infrastructure and detect misconfigurations.

What you'll learn
  • AWS/Azure/GCP security services
  • IAM misconfigurations and attacks
  • S3 bucket security and enumeration
  • Cloud-native security tools
  • Container security (Docker, K8s)
  • Serverless security considerations
  • Cloud compliance (CIS Benchmarks)
  • Cloud pentesting methodology
Practice Project

Cloud Security Audit

Audit an AWS account for misconfigurations: check IAM policies, S3 permissions, security groups, encryption, and logging. Use ScoutSuite or Prowler.

11.Application Security (AppSec)

7-8 days

Integrate security into the software development lifecycle.

What you'll learn
  • Secure SDLC (DevSecOps)
  • SAST and DAST tools
  • Dependency vulnerability scanning (SCA)
  • Code review for security
  • Threat modeling for developers
  • API security testing
  • Security in CI/CD pipelines
  • Bug bounty program basics
Practice Project

Secure CI/CD Pipeline

Integrate security into a CI/CD pipeline: SAST scanning, dependency checks, container scanning, DAST testing, and automated security gates.

12.Cryptography Essentials

5-6 days

Understand encryption, hashing, and PKI used to protect data.

What you'll learn
  • Symmetric encryption (AES, ChaCha20)
  • Asymmetric encryption (RSA, ECC)
  • Hashing algorithms (SHA-256, bcrypt)
  • Digital signatures and certificates
  • PKI and certificate authorities
  • TLS/SSL handshake
  • Key exchange (Diffie-Hellman)
  • Common crypto pitfalls and attacks
Practice Project

Encryption Implementation

Implement a secure messaging system: generate key pairs, encrypt/decrypt messages, sign and verify, and set up mutual TLS between services.

🛠️Project Milestone 4

Encryption Implementation

Implement a secure messaging system: generate key pairs, encrypt/decrypt messages, sign and verify, and set up mutual TLS between services.

Build this before moving to the next stage

Career & Certifications

4-5 weeks2 topics
0/2

13.Security Certifications Path

14-21 days

Prepare for industry-recognized certifications that validate your skills.

What you'll learn
  • CompTIA Security+ (entry-level, highly valued)
  • CEH (Certified Ethical Hacker) overview
  • OSCP (Offensive Security Certified Professional)
  • AWS Security Specialty
  • CISSP (for experienced professionals)
  • Study strategies and resources
  • Practice exams and labs
  • Continuing education requirements
Practice Project

Certification Study Plan

Create a 90-day study plan for Security+: cover all domains, complete practice exams (80%+ score), and set up home labs for hands-on practice.

14.Portfolio & CTF Practice

10-14 days

Build a security portfolio and sharpen skills through CTF competitions.

What you'll learn
  • CTF competition types (Jeopardy, Attack/Defense)
  • Popular platforms (HTB, THM, PicoCTF, CTFtime)
  • Writing quality write-ups
  • Building a security blog
  • Contributing to open-source security tools
  • Bug bounty hunting (HackerOne, Bugcrowd)
  • Networking in the security community
  • Resume and LinkedIn for security roles
Practice Project

Security Portfolio

Complete 20+ CTF challenges, write detailed write-ups for 5, submit a bug bounty report, and create a portfolio site showcasing your security work.