Cybersecurity Engineer

Protect systems and data from adversaries — network security, ethical hacking, secure coding, incident response, and cloud security.

TCP/IP & OSI Model

Protocol stack, packet structure, ARP, DNS, DHCP, NAT, routing, subnetting (CIDR).

Nmap & Wireshark

Host/port discovery, service fingerprinting, packet analysis, filtering, protocol dissection.

TLS/SSL & PKI

Certificate chain, CA, TLS 1.3 handshake, cipher suites, HSTS, certificate transparency.

Linux Security

Most servers run Linux. Master permissions, hardening, logging, and common Linux attack paths.

File Permissions & Users

chmod, chown, umask, SUID/SGID/sticky bit, ACLs, /etc/passwd and /etc/shadow.

System Hardening

CIS benchmarks, disable unused services, SSH hardening, PAM, AppArmor/SELinux basics.

Log Analysis

/var/log/auth.log, syslog, journalctl, auditd, identifying brute force and privilege escalation in logs.

OWASP Top 10

Study and exploit each of the top 10 vulnerabilities: SQLi, XSS, CSRF, SSRF, IDOR, etc.

Burp Suite

Intercepting proxy, scanner, repeater, intruder, Collaborator — the essential web hacking toolkit.

SQL Injection

UNION-based, blind (boolean/time), error-based, out-of-band. WAF bypass techniques. sqlmap.

XSS & CSRF

Reflected, stored, DOM XSS. CSP bypass. CSRF token flaws, SameSite attribute, double-submit.

Penetration Testing

Systematic approach to finding vulnerabilities before attackers do.

Penetration Testing Methodology

PTES, OWASP Testing Guide, scoping, rules of engagement, reporting.

Metasploit Framework

Exploit modules, payloads (Meterpreter), auxiliary modules, post-exploitation, sessions.

CTF Practice Platforms

HackTheBox, TryHackMe, PicoCTF, PortSwigger Web Security Academy — learn by doing.

Report Writing

Executive summary, technical findings, risk ratings (CVSS), remediation recommendations.

Cloud Security

Securing AWS, GCP, and Azure environments — IAM misconfigurations, exposed buckets, and cloud-native threats.

AWS Security

IAM least privilege, S3 bucket ACLs, Security Hub, GuardDuty, CloudTrail, VPC security groups.

Cloud Misconfig Hunting

Prowler, ScoutSuite, CloudSploit — automated cloud security assessment tools.

Container Security

Docker image scanning (Trivy), Kubernetes RBAC, Pod Security Standards, network policies, Falco.

Symmetric & Asymmetric Crypto

AES-GCM, RSA, ECC, key exchange (ECDHE), hash functions, MACs, HMAC.

PKI & Certificates

X.509, CA chain, certificate pinning, Let's Encrypt, OCSP stapling, CT logs.

Common Crypto Mistakes

ECB mode, nonce reuse, weak PRNGs, missing authentication, rolling your own crypto.

Incident Response & Forensics (Optional)

When breaches happen, know how to contain, investigate, and recover.

IR Lifecycle (Optional)

Preparation, identification, containment, eradication, recovery, lessons learned (NIST 800-61).

Memory & Disk Forensics (Optional)

Volatility (memory), Autopsy (disk), timeline analysis, artefact locations (prefetch, registry, MFT).

SIEM & Threat Hunting (Optional)

Splunk, Elastic SIEM, Sigma rules, MITRE ATT&CK framework, hypothesis-driven hunting.

CompTIA Security+

Industry-standard entry-level certification. Network security, threats, cryptography, access control.

OSCP (Optional)

Gold standard penetration testing certification. 24-hour practical exam in a lab environment.

CISSP (Optional)

Senior management certification. Requires 5 years of experience. Broad security domains.