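Cybersecurity Roadmap
Original title: Cybersecurity Roadmap
Analysis results
- Category: Geopolitics
- Importance: 70
- Trend score: 32
- Summary: A cybersecurity roadmap sets out a strategic plan for an organization to deal with cyber threats and protect its information assets. The roadmap includes risk assessment, implementation of security measures, employee training, and the development of an incident response plan. Ensuring effective cybersecurity requires continuous monitoring and improvement.
- Keywords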
**Introduction:**

Cybersecurity is one of the most in-demand fields on the planet - and also one of the most confusing to break into. This roadmap cuts through the noise. No fluff, no overwhelming jargon. Just a clear, step-by-step path from zero knowledge to job-ready skills.

Who this is for:
▸ Complete beginners.
▸ Students who want practical skills, not just theory

**The Big Picture**

| Phase | Focus | Goal |
| --- | --- | --- |
| Phase 1 | Foundations | Understand how computers & internet actually work |
| Phase 2 | Networking | Read network traffic, understand protocols |
| Phase 3 | Linux & Windows | Navigate both OS like a professional |
| Phase 4 | Programming | Read & write basic scripts |
| Phase 5 | Core Security | Learn how attacks & defense work |
| Phase 6 | Specialize | Pick a lane: Red, Blue, or Cloud |

**Phase 1 - Foundations:**

Before learning how to hack or defend anything, you need to understand how computers and the internet actually work. Skip this and you'll be blindly running tools with no idea why they do what they do.

What to learn:
▸ How computers store and process data (bits, bytes, binary)
▸ What an operating system does
▸ How the internet works at a basic level (client, server, request, response)
▸ What IP addresses, ports, and protocols are

Free resources:
▸ CS50's Introduction to Computer Science : https://pll.harvard.edu/course/cs50-introduction-computer-science
▸ Professor Messer's CompTIA A+ : https://www.professormesser.com/get-a-plus-core-1-certified/

**Phase 2 - Networking:**

Networking is the bloodline of cybersecurity. Every attack and every defense happens over a network. You cannot protect what you don't understand.
What to learn:
▸ OSI Model - 7 layers, what each one does
▸ TCP/IP - how data actually travels across the internet
▸ Key protocols: DNS, DHCP, HTTP/HTTPS, FTP, SSH, SMTP
▸ Subnetting - how IP ranges work
▸ How firewalls, routers, and switches fit together

Hands-on tools:
▸ Wireshark - capture and read real network traffic
▸ Cisco Packet Tracer - simulate networks for free

Free resources:
▸ Professor Messer's Network+ : https://www.professormesser.com/network-plus/n10-009/n10-009-video/n10-009-training-course/
▸ TryHackMe Pre-Security Path : TryHackMe | Pre Security Training

**Phase 3 - Linux & Windows:**

In a real job, you won't be clicking icons. You'll be working in terminals and command lines. Get comfortable here before moving on.

Linux - what to learn:
▸ Navigating directories: cd, ls, pwd, find
▸ File permissions: chmod, chown
▸ Processes: ps, kill, top
▸ Networking commands: ifconfig, netstat, ping, curl
▸ Text editing: nano or vim basics

Windows - what to learn:
▸ Command Prompt and PowerShell basics
▸ User and group management
▸ File permissions and registry basics
▸ Windows Event Logs - where everything is recorded

Free resources:
▸ Linux Journey - Linux Journey Official Site | Learn Linux for Free
▸ TryHackMe - Linux Fundamentals (Parts 1, 2, 3) (TryHackMe | Linux Fundamentals Training)
▸ TryHackMe - Windows Fundamentals (Parts 1, 2, 3) (TryHackMe | Windows Fundamentals Training)

**Phase 4 - Programming**

You are not trying to become a software developer. But if you can't read code, you can't understand how attacks happen, how tools work, or how to automate your own tasks. Start with Python - it's the standard in security.
Focus only on:
▸ Variables, strings, and data types
▸ Lists, dictionaries (storing collections of data)
▸ If/else logic and loops
▸ Reading and writing files
▸ Basic network scripts using the socket library

Also worth knowing:
▸ Bash scripting - automate repetitive Linux tasks
▸ Basic HTML/JavaScript - helps with web security later

Free resources:
▸ Code with Harry - Python course : https://www.codewithharry.com/tutorial/python
▸ Code with Harry - JavaScript : https://www.codewithharry.com/tutorial/js

**Phase 5 - Core Security Concepts & Tools**

Now you have the foundation. Time to learn how attackers think and how defenders respond.

Core concepts to understand:
▸ CIA Triad - Confidentiality, Integrity, Availability
▸ Authentication vs Authorisation
▸ Common attack types: phishing, MITM, SQL injection, XSS, brute force
▸ Malware types: virus, worm, ransomware, trojan, spyware
▸ Vulnerability vs Exploit vs Payload
▸ Defence in depth - layered security approach

Essential tools to get hands-on with:
▸ Nmap - network scanner, find open ports and services
▸ Burp Suite - intercept and analyse web traffic
▸ Metasploit - learn how exploits are structured (legal lab use only)
▸ Wireshark - analyse packet captures
▸ John the Ripper / Hashcat - password cracking basics

Free resources:
▸ TryHackMe - Cybersecurity 101 (TryHackMe | Cyber Security 101 Training)
▸ TryHackMe - Jr Penetration Tester path (TryHackMe | Jr Penetration Tester Training)
▸ PortSwigger Web Security Academy ( https://portswigger.net/web-security )

**Certifications:**

Certs don't replace skill. But they signal to employers that you understand the basics. Here's the recommended order for beginners:

Beginner (start here):
▸ CompTIA Security+ - Most widely recognised entry-level cert. Covers everything broadly.
▸ Google Cybersecurity Certificate (Coursera) - Free with financial aid. Good intro.
Intermediate:
▸ CompTIA CySA+ - Defensive/analyst focused
▸ CEH Practical (Certified Ethical Hacker Practical) - hands-on exam, not multiple choice. Avoid the theory-only version or combine both practical and theory.
▸ eJPT by INE - Practical, beginner penetration testing cert

Reality check: Certificates don't matter as much as practical skills do. A certificate tells employers you studied. Your lab work, CTF writeups, and GitHub tell them you can actually do the job. Build the skills first, the cert is just the stamp on top.

**Phase 6 - Pick Your Specialization**

Once you have the foundations, it's time to go deep in one direction. Here are the three main paths:

**Red Team (Offensive)**

You simulate real attacks to find weaknesses before the bad guys do. This is penetration testing, red teaming, and ethical hacking.

What you'll do:
▸ Scan networks for open ports and vulnerabilities
▸ Exploit misconfigurations and software flaws
▸ Break into systems (legally, in a controlled scope)
▸ Write reports showing what you found and how to fix it

Where to learn:
▸ TryHackMe - Jr Penetration Tester path (TryHackMe | Jr Penetration Tester Training)
▸ TryHackMe - Web Application Pen testing (TryHackMe | Web Application Pentesting Training)

**Blue Team (Defensive)**

You monitor, detect, and respond to real attacks. This is SOC analysis, incident response, and digital forensics.

What you'll do:
▸ Analyse security logs and alerts
▸ Investigate suspicious activity and incidents
▸ Hunt for threats hiding in the network
▸ Write detection rules and playbooks

Where to learn:
▸ TryHackMe - SOC Level 1 path (TryHackMe | SOC Level 1 Training)
▸ Blue Team Labs Online - (Blue Team Labs Online - Cyber Range)

**Cloud Security**

As companies move everything to AWS, Azure, and GCP, cloud security skills are exploding in demand. This is one of the highest-paying niches.
What you'll do:
▸ Secure cloud infrastructure and configurations
▸ Manage IAM (Identity & Access Management) policies
▸ Monitor cloud environments for threats
▸ Ensure compliance with frameworks like CIS Benchmarks

Where to learn:
▸ AWS free training (600+ courses) ( https://aws.amazon.com/training/ )
▸ CloudGoat by Rhino Security Labs ( https://github.com/RhinoSecurityLabs/cloudgoat )

**Build a Home Lab**

A home lab is where you go from student to practitioner. Before setting up software, make sure your system can handle running multiple virtual machines simultaneously.

Minimum system requirements:
▸ RAM: 8GB minimum, 16GB recommended - running 2-3 VMs at once eats memory fast
▸ Processor: Intel Core i5 9th Gen+ or AMD Ryzen 5 5000 series+ - you need virtualisation support (VT-x/AMD-V)
▸ Storage (Preferable - SSD): 100GB+ free space - VMs take up 20-40GB each

Essential setup:
▸ VirtualBox or VMware (free) - run multiple virtual machines
▸ Kali Linux VM - the standard attacker machine, free download
▸ Windows 10/11 VM - for practicing Windows attacks and defense
▸ Metasploitable - deliberately vulnerable Linux machine to attack
▸ DVWA (Damn Vulnerable Web App) - vulnerable web app for web security practice
▸ Splunk - to detect the attacks

What to do in your lab:
▸ Practice Nmap scanning on your own VMs
▸ Set up a basic SIEM (like Splunk free tier) and generate logs
▸ Try attacking Metasploitable, then defend it
▸ Capture traffic in Wireshark and analyze what you see

**Daily Learning Routine**

Consistency beats intensity. 1 hour every day beats 7 hours on Sunday.

Suggested daily split (1–2 hours):
▸ 30 min - One TryHackMe room or lab
▸ 20 min - Read one cybersecurity article or news update
▸ 10 min - Write down what you learned (notes = retention)

Weekly goals:
▸ Complete at least 3 hands-on labs
▸ Solve one CTF challenge
▸ Post one thing you learned on LinkedIn or a blog

**Resources & Communities:**

You will get stuck. That's normal.
These communities and resources will help.

Must-follow YouTube channels:
▸ NetworkChuck - great for networking and general intro content ( https://www.youtube.com/@NetworkChuck )
▸ John Hammond - CTF walkthroughs and malware analysis ( https://www.youtube.com/@_JohnHammond )
▸ The Cyber Mentor (TCM Security) - practical hacking tutorials ( https://www.youtube.com/@TCMSecurityAcademy )
▸ David Bombal - networking and ethical hacking ( https://www.youtube.com/@davidbombal )
▸ Indian Cyber Club - Bug Bounty and ethical hacking ( https://www.youtube.com/@AbhishekParashar-ICC )

Resources to use:
▸ TryHackMe (TryHackMe | Cyber Security Training) - Best for beginners
▸ Hack The Box (Best Online Cybersecurity Courses & Certifications | HTB Academy) - for intermediate level
▸ PortSwigger Web Academy - Dedicated web application security labs. Completely free. ( https://portswigger.net/web-security )
▸ OverTheWire (Bandit) - Best platform to practise Linux for beginners. ( https://overthewire.org/wargames/bandit/ )
▸ Blue T