Uploaded by bensalahmerwane179

cyber-security roadmap

advertisement
CTFs (Capture the Flag)
Find the detailed version of this roadmap
along with resources and other roadmaps
HackTheBox
https://roadmap.sh
Cyber Security
TryHackMe
VulnHub
picoCTF
Fundamental IT Skills
SANS Holiday Hack Challenge
Computer Hardware Components
Certifications
Connection Types and their function
Beginner Certifications
OS-Independent Troubleshooting
CompTIA A+
Understand Basics of Popular Suites
CompTIA Linux+
CompTIA Network+
NFC
WiFi
iCloud
Bluetooth
Google Suite
Infrared
Microsoft O!ce Suite
Basics of Computer Networking
CCNA
CompTIA Security+
Linux
Windows
MacOS
Advanced Certifications
Operating Systems
CISSP
CISA
CISM
Basics of Subnetting
GSEC
GPEN
GWAPT
Public vs Private IP Addresses
Learn following for Each
GIAC
OSCP
CREST
IP Terminology
Installation and Configuration
localhost
CEH
loopback
subnet mask
CIDR
Di"erent Versions and Di"erences
default gateway
Navigating using GUI and CLI
Understand the Terminology
VMWare
VirtualBox
esxi
proxmox
VLAN
Common Virtualization Technologies
Hypervisor
VM
GuestOS
DMZ
NAT
IP
VM
DNS
Router
HostOS
ARP
Understand Permissions
Installing Software and Applications
DHCP
Performing CRUD on Files
VPN
Troubleshooting
Switch
Understand basics of Virtualization
MAN
LAN
Troubleshooting Tools
nslookup
iptables
ipconfig
ping
dig
nmap
route
DHCP
Port Scanners
arp
WLAN
Understand these
Packet Sni"ers
netstat
WAN
Common Commands
NTP
IPAM
Understand the OSI model
Function of Each
Protocol Analyzers
tcpdump
DNS
Networking Knowledge
Network Topologies
tracert
Star
Ring
Mesh
Bus
Common Protocols and their Uses
Authentication Methodologies
Kerberos
LDAP
Certificates
Understand Common Protocols
SSO
Local Auth
SSH
RADIUS
RDP
FTP
HTTP / HTTPS
Common Ports and their Uses
SFTP
SSL and TLS Basics
SSL / TLS
Basics of NAS and SAN
Understand Common Hacking Tools
Core Concepts of Zero Trust
Understand Common Exploit Frameworks
Blue Team vs Red Team vs Purple Team
Roles of Compliance and Auditors
Understand Concept of Defense in Depth
False Negative / False Positive
Understand the Definition of Risk
Understand Concept of Runbooks
True Negative / True Positive
Understand Backups and Resiliency
Understand Basics of Forensics
Cyber Kill Chain
Basics and Concepts of Threat Hunting
Basics of Threat Intel, OSINT
MFA and 2FA
Understand Handshakes
Basics of Vulnerability Management
Operating System Hardening
Understand CIA Triad
Basics of Reverse Engineering
Understand the Concept of Isolation
Privilege escalation / User based Attacks
Penetration Testing Rules of Engagement
Basics of IDS and IPS
Perimiter vs DMZ vs Segmentation
Honeypots
Web Based Attacks and OWASP 10
Authentication vs Authorization
Learn how Malware Operates and Types
Security Skills and Knowledge
Tools for Incident Response and Discovery
nmap
tracert
ipconfig
head
nslookup
hping
tail
ping
grep
memdump
dig
arp
FTK Imager
Salting
curl
cat
wireshark
Basics of Cryptography
dd
PKI
winhex
Kill chain
autopsy
NIST
SIEM
CIS
NIDS
NIPS
Impersonation
HIPS
Host Based Firewall
DoS vs DDoS
EAP vs PEAP
Evil Twin
WPS
netflow
Firewall Logs
Identification
Containment
Eradication
Recovery
Lessons Learned
Understand Hardening Concepts
MAC-based
NAC-based
Group Policy
ACLs
Sinkholes
Zero Day
Patching
Known vs Unknown
MITM
VirusTotal
Joe Sandbox
Spoofing
Deauth Attack
VLAN Hopping
Rogue Access Point
War-driving/dialing
Bu"er Overflow
SQL Injection
Memory Leak
CSRF
Pass the Hash
XSS
Replay Attack
Directory Traversal
Understand Audience
APT
Stakeholders
HR
Legal
Compliance
Management
Understand Common Tools
Endpoint Security
ARP Poisoning
DNS Poisoning
Understand Threat Classification
Port Blocking
Typo Squatting
Common Network Based Attacks
Understand the Incident Response Process
syslogs
Watering Hole Attack
Brute Force vs Password Spray
DLP
Preparation
Zero Day
Reconnaissance
Drive by Attack
EDR
ACL
Tailgating
Social Engineering
S/MIME
WPA vs WPA2 vs WPA3 vs WEP
Learn how to find and use these logs
Jump Server
Antimalware
Sandboxing
Kali Linux
LOLBAS
Packet Captures
SRTP
Shoulder Surfing
Dumpster Diving
IPSEC
Firewall and Nextgen Firewall
Using tools for unintended purposes
Event Logs
LDAPS
Antivirus
CSF
ParrotOS
Spam vs Spim
Understand the following Terms
Common Distros for Hacking
SOAR
Phishing vs Vishing vs Whaling vs Smishing
Obfuscation
SSL vs TLS
DNSSEC
Diamond Model
RMF
Understand
Pvt Key vs Pub Key
FTP vs SFTP
Understand Common Standards
ISO
Key Exchange
Understand Secure vs Unsecure Protocols
Understand Frameworks
ATT&CK
Hashing
Attack Types and Di"erences
any.run
urlvoid
urlscan
WHOIS
Cloud skills and Knowledge
Understand Cloud Services
Understand concepts of security in the cloud
Understand the basics and general flow of deploying in the cloud
SaaS
PaaS
IaaS
Common Cloud Environments
AWS
GCP
Azure
Understand the di"erences between cloud and on-premises
Common Cloud Storage
Cloud Models
Understand the concept of infrastructure as code
Private
Public
Hybrid
Understand the concept of Serverless
S3
Dropbox
OneDrive
Understand the concept of CDN
Box
Google Drive
iCloud
Programming Skills and Knowledge (Optional But Recommended)
Python
Go
JavaScript
C++
Keep Learning
Bash
Power Shell
Download