CTFs (Capture the Flag)
Find the detailed version of this roadmap
along with resources and other roadmaps
HackTheBox
https://roadmap.sh
Cyber Security
TryHackMe
VulnHub
picoCTF
Fundamental IT Skills
SANS Holiday Hack Challenge
Computer Hardware Components
Certifications
Connection Types and their function
Beginner Certifications
OS-Independent Troubleshooting
CompTIA A+
Understand Basics of Popular Suites
CompTIA Linux+
CompTIA Network+
NFC
WiFi
iCloud
Bluetooth
Google Suite
Infrared
Microsoft O!ce Suite
Basics of Computer Networking
CCNA
CompTIA Security+
Linux
Windows
MacOS
Advanced Certifications
Operating Systems
CISSP
CISA
CISM
Basics of Subnetting
GSEC
GPEN
GWAPT
Public vs Private IP Addresses
GIAC
OSCP
CREST
IP Terminology
localhost
CEH
loopback
subnet mask
Learn following for Each
Installation and Configuration
CIDR
Di"erent Versions and Di"erences
default gateway
Navigating using GUI and CLI
Understand the Terminology
VMWare
VirtualBox
esxi
proxmox
Common Virtualization Technologies
Hypervisor
VM
GuestOS
VLAN
DMZ
NAT
IP
DNS
Router
HostOS
ARP
Understand Permissions
VM
Installing Software and Applications
DHCP
Performing CRUD on Files
Switch
VPN
Troubleshooting
Understand basics of Virtualization
MAN
LAN
Troubleshooting Tools
iptables
Packet Sni"ers
ipconfig
netstat
Port Scanners
dig
arp
nmap
route
Common Commands
WLAN
Understand these
nslookup
ping
WAN
DHCP
Protocol Analyzers
tcpdump
DNS
NTP
IPAM
Understand the OSI model
Function of Each
Networking Knowledge
Network Topologies
tracert
Star
Ring
Mesh
Bus
Common Protocols and their Uses
Authentication Methodologies
Understand Common Protocols
Kerberos
LDAP
SSO
Certificates
Local Auth
RADIUS
SSH
RDP
FTP
HTTP / HTTPS
Common Ports and their Uses
SFTP
SSL and TLS Basics
SSL / TLS
Basics of NAS and SAN
Understand Common Hacking Tools
Core Concepts of Zero Trust
Understand Common Exploit Frameworks
Blue Team vs Red Team vs Purple Team
Roles of Compliance and Auditors
Understand Concept of Defense in Depth
False Negative / False Positive
Understand the Definition of Risk
True Negative / True Positive
Understand Backups and Resiliency
Basics of Threat Intel, OSINT
Understand Concept of Runbooks
Understand Basics of Forensics
Cyber Kill Chain
Basics and Concepts of Threat Hunting
MFA and 2FA
Understand Handshakes
Basics of Vulnerability Management
Operating System Hardening
Understand CIA Triad
Basics of Reverse Engineering
Understand the Concept of Isolation
Privilege escalation / User based Attacks
Penetration Testing Rules of Engagement
Basics of IDS and IPS
Perimiter vs DMZ vs Segmentation
Honeypots
Web Based Attacks and OWASP 10
Authentication vs Authorization
Learn how Malware Operates and Types
Security Skills and Knowledge
Tools for Incident Response and Discovery
nmap
tracert
nslookup
hping
ping
ipconfig
head
tail
grep
memdump
dig
arp
cat
wireshark
FTK Imager
Basics of Cryptography
Salting
curl
dd
PKI
winhex
Kill chain
autopsy
NIST
RMF
SIEM
CIS
SOAR
Antimalware
NIPS
Social Engineering
S/MIME
Impersonation
EDR
ACL
EAP vs PEAP
Evil Twin
WPS
netflow
Firewall Logs
Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned
Understand Hardening Concepts
MAC-based
NAC-based
Group Policy
ACLs
Zero Day
Patching
Known vs Unknown
MITM
Deauth Attack
VirusTotal
Joe Sandbox
Spoofing
VLAN Hopping
Rogue Access Point
War-driving/dialing
Bu"er Overflow
Memory Leak
SQL Injection
CSRF
Pass the Hash
XSS
Replay Attack
Directory Traversal
Understand Audience
APT
Stakeholders
HR
Legal
Compliance
Management
Understand Common Tools
Endpoint Security
ARP Poisoning
DNS Poisoning
Understand Threat Classification
Port Blocking
Sinkholes
Typo Squatting
Common Network Based Attacks
DoS vs DDoS
Understand the Incident Response Process
syslogs
Watering Hole Attack
Brute Force vs Password Spray
DLP
HIPS
WPA vs WPA2 vs WPA3 vs WEP
Zero Day
Reconnaissance
Drive by Attack
Host Based Firewall
Sandboxing
Kali Linux
LOLBAS
Jump Server
SRTP
Shoulder Surfing
Tailgating
IPSEC
Firewall and Nextgen Firewall
NIDS
Learn how to find and use these logs
Packet Captures
LDAPS
Antivirus
Using tools for unintended purposes
Event Logs
Spam vs Spim
Dumpster Diving
Understand the following Terms
CSF
ParrotOS
Phishing vs Vishing vs Whaling vs Smishing
Obfuscation
SSL vs TLS
DNSSEC
Diamond Model
Common Distros for Hacking
Understand
Pvt Key vs Pub Key
FTP vs SFTP
Understand Common Standards
ISO
Attack Types and Di"erences
Key Exchange
Understand Secure vs Unsecure Protocols
Understand Frameworks
ATT&CK
Hashing
any.run
urlvoid
urlscan
WHOIS
Cloud skills and Knowledge
Understand Cloud Services
Understand concepts of security in the cloud
Understand the basics and general flow of deploying in the cloud
SaaS
PaaS
Common Cloud Environments
IaaS
AWS
Hybrid
S3
GCP
Azure
Understand the di"erences between cloud and on-premises
Common Cloud Storage
Cloud Models
Understand the concept of infrastructure as code
Private
Public
Understand the concept of Serverless
Dropbox
OneDrive
Understand the concept of CDN
Box
Google Drive
iCloud
Programming Skills and Knowledge (Optional But Recommended)
Python
Go
JavaScript
C++
Keep Learning
Bash
Power Shell
0
