Cybersecurity Roadmap

Ajitesh — Fri, 26 Jun 2026 06:39:22 +0000

Introduction:
Cybersecurity is one of the most in-demand fields on the planet - and also one of the most confusing to break into. This roadmap cuts through the noise. No fluff, no overwhelming jargon. Just a clear, step-by-step path from zero knowledge to job-ready skills.

Who this is for:
▸ Complete beginners.
▸ Students who want practical skills, not just theory
The Big Picture

Phase Focus Goal
Phase 1 Foundations : Understand how computers & internet actually work
Phase 2 Networking : Read network traffic, understand protocols
Phase 3 Linux & Windows : Navigate both OS like a professional
Phase 4 Programming : Read & write basic scripts
Phase 5 Core Security : Learn how attacks & defense work
Phase 6 Specialize : Pick a lane: Red, Blue, or Cloud

Phase 1 - Foundations:
Before learning how to hack or defend anything, you need to understand how computers and the internet actually work. Skip this and you'll be blindly running tools with no idea why they do what they do.

What to learn:
▸ How computers store and process data (bits, bytes, binary)
▸ What an operating system does
▸ How the internet works at a basic level (client, server, request, response)
▸ What IP addresses, ports, and protocols are

Free resources:
▸ CS50's Introduction to Computer Science : https://pll.harvard.edu/course/cs50-introduction-computer-science
▸ Professor Messer's CompTIA A+ : https://www.professormesser.com/get-a-plus-core-1-certified/

Phase 2 - Networking:
Networking is the bloodline of cybersecurity. Every attack and every defense happens over a network. You cannot protect what you don't understand.

What to learn:
▸ OSI Model - 7 layers, what each one does
▸ TCP/IP - how data actually travels across the internet
▸ Key protocols: DNS, DHCP, HTTP/HTTPS, FTP, SSH, SMTP
▸ Subnetting - how IP ranges work
▸ How firewalls, routers, and switches fit together

Hands-on tools:
▸ Wireshark - capture and read real network traffic
▸ Cisco Packet Tracer - simulate networks for free

Free resources:
▸ Professor Messer's Network+ : https://www.professormesser.com/network-plus/n10-009/n10-009-video/n10-009-training-course/
▸ TryHackMe Pre-Security Path : TryHackMe | Pre Security Training

Phase 3 - Linux & Windows:
In a real job, you won't be clicking icons. You'll be working in terminals and command lines. Get comfortable here before moving on.

Linux - what to learn:
▸ Navigating directories: cd, ls, pwd, find
▸ File permissions: chmod, chown
▸ Processes: ps, kill, top
▸ Networking commands: ifconfig, netstat, ping, curl
▸ Text editing: nano or vim basics

Windows - what to learn:
▸ Command Prompt and PowerShell basics
▸ User and group management
▸ File permissions and registry basics
▸ Windows Event Logs - where everything is recorded

Free resources:
▸ Linux Journey - Linux Journey Official Site | Learn Linux for Free
▸ TryHackMe - Linux Fundamentals (Parts 1, 2, 3) (TryHackMe | Linux Fundamentals Training)
▸ TryHackMe - Windows Fundamentals (Parts 1, 2, 3) ( TryHackMe | Windows Fundamentals Training)

Phase 4 - Programming
You are not trying to become a software developer. But if you can't read code, you can't understand how attacks happen, how tools work, or how to automate your own tasks.

Start with Python - it's the standard in security. Focus only on:
▸ Variables, strings, and data types
▸ Lists, dictionaries (storing collections of data)
▸ If/else logic and loops
▸ Reading and writing files
▸ Basic network scripts using the socket library

Also worth knowing:
▸ Bash scripting - automate repetitive Linux tasks
▸ Basic HTML/JavaScript - helps with web security later

Free resources:
▸ Code with Harry - Python course : https://www.codewithharry.com/tutorial/python
▸ Code with Harry - javascript: https://www.codewithharry.com/tutorial/js
Phase 5 - Core Security Concepts & Tools
Now you have the foundation. Time to learn how attackers think and how defenders respond.

Core concepts to understand:
▸ CIA Triad - Confidentiality, Integrity, Availability
▸ Authentication vs Authorisation
▸ Common attack types: phishing, MITM, SQL injection, XSS, brute force
▸ Malware types: virus, worm, ransomware, trojan, spyware
▸ Vulnerability vs Exploit vs Payload
▸ Defence in depth - layered security approach

Essential tools to get hands-on with:
▸ Nmap - network scanner, find open ports and services
▸ Burp Suite - intercept and analyse web traffic
▸ Metasploit - learn how exploits are structured (legal lab use only)
▸ Wireshark - analyse packet captures
▸ John the Ripper / Hashcat - password cracking basics

Free resources:
▸ TryHackMe - Cybersecurity 101 (TryHackMe | Cyber Security 101 Training)
▸ TryHackMe - Jr Penetration Tester path (TryHackMe | Jr Penetration Tester Training)
▸ PortSwigger Web Security Academy (https://portswigger.net/web-security)

Certifications:
Certs don't replace skill. But they signal to employers that you understand the basics. Here's the recommended order for beginners:

Beginner (start here):
▸ CompTIA Security+ - Most widely recognised entry-level cert. Covers everything broadly.
▸ Google Cybersecurity Certificate (Coursera) - Free with financial aid. Good intro.

Intermediate :
▸ CompTIA CySA+ - Defensive/analyst focused
▸ CEH Practical (Certified Ethical Hacker Practical) - hands-on exam, not multiple choice. Avoid the theory-only version or combine both practical and theory.
▸ eJPT by INE - Practical, beginner penetration testing cert

Reality check: Certificates don’t matter as much as practical skills do. A certificate tells employers you studied. Your lab work, CTF writeups, and GitHub tell them you can actually do the job. Build the skills first, the cert is just the stamp on top.

Phase 6 - Pick Your Specialization
Once you have the foundations, it's time to go deep in one direction. Here are the three main paths:

Red Team (Offensive)
You simulate real attacks to find weaknesses before the bad guys do. This is penetration testing, red teaming, and ethical hacking.

What you'll do:
▸ Scan networks for open ports and vulnerabilities
▸ Exploit misconfigurations and software flaws
▸ Break into systems (legally, in a controlled scope)
▸ Write reports showing what you found and how to fix it

Where to learn:
▸ TryHackMe - Jr Penetration Tester path(TryHackMe | Jr Penetration Tester Training)
▸ TryHackMe - Web Application Pen testing (TryHackMe | Web Application Pentesting Training)

Blue Team (Defensive)
You monitor, detect, and respond to real attacks. This is SOC analysis, incident response, and digital forensics.

What you'll do:
▸ Analyse security logs and alerts
▸ Investigate suspicious activity and incidents
▸ Hunt for threats hiding in the network
▸ Write detection rules and playbooks

Where to learn:
▸ TryHackMe - SOC Level 1 path (TryHackMe | SOC Level 1 Training)
▸ Blue Team Labs Online - (Blue Team Labs Online - Cyber Range)

Cloud Security
As companies move everything to AWS, Azure, and GCP, cloud security skills are exploding in demand. This is one of the highest-paying niches.

What you'll do:
▸ Secure cloud infrastructure and configurations
▸ Manage IAM (Identity & Access Management) policies
▸ Monitor cloud environments for threats
▸ Ensure compliance with frameworks like CIS Benchmarks

Where to learn:
▸ AWS free training (600+ courses) (https://aws.amazon.com/training/)

▸ CloudGoat by Rhino Security Labs (https://github.com/RhinoSecurityLabs/cloudgoat)
Build a Home Lab
A home lab is where you go from student to practitioner. Before setting up software, make sure your system can handle running multiple virtual machines simultaneously.

Minimum system requirements:
▸ RAM: 8GB minimum, 16GB recommended - running 2-3 VMs at once eats memory fast
▸ Processor: Intel Core i5 9th Gen+ or AMD Ryzen 5 5000 series+ — you need virtualisation support (VT-x/AMD-V)
▸ Storage (Preferrable - SSD): 100GB+ free space — VMs take up 20-40GB each

Essential setup:
▸ VirtualBox or VMware (free) - run multiple virtual machines
▸ Kali Linux VM - the standard attacker machine, free download
▸ Windows 10/11 VM - for practicing Windows attacks and defense
▸ Metasploitable - deliberately vulnerable Linux machine to attack
▸ DVWA (Damn Vulnerable Web App) - vulnerable web app for web security practice
▸ Splunk - To detect the attacks

What to do in your lab:
▸ Practice Nmap scanning on your own VMs
▸ Set up a basic SIEM (like Splunk free tier) and generate logs
▸ Try attacking Metasploitable, then defend it
▸ Capture traffic in Wireshark and analyze what you see

Daily Learning Routine
Consistency beats intensity. 1 hour every day beats 7 hours on Sunday.

Suggested daily split (1–2 hours):
▸ 30 min - One TryHackMe room or lab
▸ 20 min - Read one cybersecurity article or news update
▸ 10 min - Write down what you learned (notes = retention)

Weekly goals:
▸ Complete at least 3 hands-on labs
▸ Solve one CTF challenge
▸ Post one thing you learned on LinkedIn or a blog

Resources & Communities:
You will get stuck. That's normal. These communities and resources will help.

Must-follow YouTube channels:
▸ NetworkChuck - great for networking and general intro content (https://www.youtube.com/@NetworkChuck)
▸ John Hammond - CTF walkthroughs and malware analysis ( https://www.youtube.com/@_JohnHammond)
▸ The Cyber Mentor (TCM Security) - practical hacking tutorials( https://www.youtube.com/@TCMSecurityAcademy)
▸ David Bombal - networking and ethical hacking ( https://www.youtube.com/@davidbombal)
▸ Indian Cyber Club - Bug Bounty and ethical hacking (https://www.youtube.com/@AbhishekParashar-ICC)

Resources to use:
▸ TryHackMe ( TryHackMe | Cyber Security Training) - Best for beginners
▸ HacktheBox ( Best Online Cybersecurity Courses & Certifications | HTB Academy) - for intermediate level
▸ PortSwigger Web Academy - Dedicated web application security labs. Completely free. ( https://portswigger.net/web-security)
▸ Overthewire ( Bandit) - Best platform to practise linux for beginners. ( https://overthewire.org/wargames/bandit/)
▸ Blue Team Labs Online - (Blue Team Labs Online - Cyber Range)

Must-bookmark websites:
▸ OWASP Top 10 : the standard list of web vulnerabilities (https://owasp.org/www-project-top-ten/)
▸ MITRE ATT&CK : how real attackers operate ( https://attack.mitre.org/)
▸ CVE Detail : track real vulnerabilities (https://www.cvedetails.com/)
▸ Krebs on Security : real-world security news ( https://krebsonsecurity.com/)
▸ CyberVulnx : CyberVulnX is a student-driven cybersecurity club focused on capture the flag, digital forensics, cyber awareness, and practical cybersecurity learning (https://cybervulnx.in/)

Conclusion:
The cybersecurity industry has a massive skills gap. Companies are desperate for people who can actually do the work - not just talk about it.

Here's what separates candidates who get hired from those who don't:
▸ They have a GitHub with real projects
▸ They've done hundreds of hands-on labs, not just watched tutorials
▸ They can explain what they did and why - in plain English
▸ They keep learning even when nobody is watching

Your degree (or lack of one) matters far less than your demonstrated skill. Build things. Break things. Document everything. Share it publicly.

DEV Community: CyberVulnx

Cybersecurity Roadmap