Master SQL with our new premium course START LEARNING →

Start Here Roadmaps AI Tutor Login Sign Up

← All Roadmaps Schedule Learning Time Download Share

Cyber Security Expert

Step by step guide to becoming a Cyber Security Expert in 2025

Roadmap Suggest Changes

0% DONE 0 of 301 Done Track Progress

CTFs (Capture the Flag)

Find the detailed version of this roadmap
HackTheBox along with other similar roadmaps

TryHackMe Cyber Security roadmap.sh

VulnHub

picoCTF
Fundamental IT Skills

SANS Holiday Hack Challenge

Computer Hardware Components

Certifications NFC Bluetooth

Beginner Certifications Connection Types and their function

WiFi Infrared
CompTIA A+ CompTIA Linux+ OS-Independent Troubleshooting

CompTIA Network+ CCNA Understand Basics of Popular Suites MS Office Suite

CompTIA Security+ Basics of Computer Networking iCloud

Advanced Certifications Google Suite

CEH CISA CISM

Windows Linux MacOS
GSEC GPEN GWAPT

Basics of Subnetting
GIAC OSCP CREST Operating Systems

Public vs Private IP Addresses

CISSP
Learn following for each
IP Terminology
Installation and Configuration
VMWare VirtualBox localhost loopback CIDR

Different Versions and Differences

esxi proxmox subnet mask
Navigating using GUI and CLI
Common Virtualization Technologies default gateway
Understand Permissions
Hypervisor GuestOS
Understand the Terminology
Installing Software and Applications
HostOS VM VLAN DMZ ARP VM
Performing CRUD on Files
Basics of Virtualization DHCP DNS NAT IP
Troubleshooting
ipconfig ping dig netstat Router Switch VPN
Common Commands
route nmap tcpdump arp
MAN LAN WAN WLAN

tracert nslookup iptables

Understand these

Packet Sniffers
DHCP DNS NTP IPAM
Networking Knowledge
Port Scanners
Functions of each

Protocol Analyzers
Star Ring Mesh Bus Understand the OSI Model

Troubleshooting Tools
Network Topologies Common Protocols and their Uses

Kerberos RADIUS LDAP SSO SSH RDP FTP SFTP Common Ports and their Uses

Certificates Local Auth HTTP / HTTPS SSL / TLS SSL and TLS Basics

Authentication Methodologies Network Protocols Basics of NAS and SAN

Security Skills and Knowledge

Understand Common Hacking Tools Core Concepts of Zero Trust

Understand Common Exploit Frameworks Roles of Compliance and Auditors Blue / Red / Purple Teams

Understand Concept of Defense in Depth Understand the Definition of Risk False Negative / False Positive

Understand Concept of Runbooks Understand Backups and Resiliency True Negative / True Positive

Understand Basics of Forensics Cyber Kill Chain Basics of Threat Intel, OSINT

Basics and Concepts of Threat Hunting MFA & 2FA Honeypots Understand Handshakes

Basics of Vulnerability Management Operating System Hardening Understand CIA Triad

Basics of Reverse Engineering Understand Concept of Isolation Privilege Escalation

Penetration Testing Rules of Engagement Basics of IDS and IPS Web Based Attacks and OWASP10

Perimiter vs DMZ vs Segmentation Authentication vs Authorization Learn how Malware works and Types

Tools for Incident Response and Discovery Basics of Cryptography Attack Types and Differences

dig nmap ping arp cat dd Salting Hashing Key Exchange Phishing Whishing Whaling

tail hping head grep nslookup Private vs Public Keys Smishing Spam vs Spim

tracert winhex autopsy ipconfig PKI Obfuscation Shoulder Surfing Tailgating

curl wireshark memdump Understand Frameworks Dumpster Diving

Diamond Model Kill Chain Zero day

FTK Imager

ATT&CK Social Engineering

Understand Common Standards

ISO RMF Common Distros for hacking Reconnaissance Impersonation

NIST CIS CSF ParrotOS Kali Linux

Watering Hole Attack

Using tools for Unintended Purposes Understand the following

Drive by Attack
LOLBAS GTFOBINS WADCOMS SIEM SOAR
Typo Squatting
Learn how to find and use these logs Secure vs Unsecure Protocols
Brute Force vs Password Spray
Event Logs syslogs netflow FTP vs SFTP SSL vs TLS IPSEC

Common Attacks
Packet Captures Firewall Logs DNSSEC LDAPS SRTP S/MIME
DoS vs DDoS MITM CSRF

Understand Hardening Concepts Understand the following Terms

Spoofing SQL Injection XSS
MAC-based NAC-based Antivirus Antimalware EDR DLP

Evil Twin VLAN Hopping

Port Blocking Group Policy Firewall & Nextgen Firewall HIPS NIDS

DNS Poisoning
Sinkholes ACLs Patching NIPS Host Based Firewall Sandboxing

Deauth Attack
Jump Server Endpoint Security EAP vs PEAP WPS ACL

Replay Attack
Understand Common Tools WPA vs WPA2 vs WPA3 vs WEP

Rogue Access Point

VirusTotal urlscan any.run Understand the Incident Response Process

Preparation Identification Containment Buffer Overflow

Joe Sandbox urlvoid WHOIS

Eradication Recovery Lessons Learned Memory Leak

Understand Audience

Stakeholders HR Legal Pass the Hash

Understand Threat Classification

Compliance Management Zero Day Known vs Unknown APT Directory Traversal

Cloud Skills and Knowledge

Understand Cloud Services

Understand the Concept of Security in the Cloud
SaaS PaaS IaaS
Understand the differences between cloud and on-premises

Cloud Models
Understand the concept of Infrastructure as Code
Private Public Hybrid
Understand the Concept of Serverless

Understand the basics and general flow of deploying in the cloud Common Cloud Environments

AWS GCP Azure

Python Common Cloud Storage

Go S3 Dropbox iCloud

Programming Skills JavaScript Box OneDrive

C++ Google Drive

Bash

Power Shell
Keep Learning

RelatedRoadmaps All Roadmaps →

Backend Step by step guide to becoming a backend developer in 2025

DevOps Step by step guide for DevOps or operations role in 2025

Python Step by step guide to becoming a Python Developer in 2025

Join the Community

roadmap.sh is the 7th most starred project on GitHub and is visited by
hundreds of thousands of developers every month.

Rank 7th out of 28M! +90k every month +2k every month

316KGitHub Stars
+1.5M Registered Users
36K
Discord Members

Star us on GitHub Register yourself Join on Discord

Help us reach #1 Commit to your growth Join the community

Roadmaps Best Practices Guides Videos FAQs YouTube

roadmap.sh by @kamrify

Community created roadmaps, best practices, projects,

articles, resources and journeys to help you choose your
path and grow in your career.

© roadmap.sh · Terms · Privacy · Advertise ·

The top DevOps resource for Kubernetes,

cloud-native computing, and large-scale
development and deployment.
Webinar: VMs & Containers
DevOps · Kubernetes · Cloud-Native
Discover the secrets to leveraging Kubernetes for simple, scalable, secure edge computing.

PARTNER CONTENT