Stay in the loop

Get notified when new paths are added

Defence Forces, Psychology, Architecture, Agriculture, and more are coming. One email a month at most. No spam.

CareerMaps

Home Roadmaps

All Careers After 10th After 12th Skills Popular Careers Highest Paying Jobs

BrainMap

About Us Mission & Vision Contact Feedback

Stay in the loop

Get notified when new paths are added

Defence Forces, Psychology, Architecture, Agriculture, and more are coming. One email a month at most. No spam.

Back to All Roadmaps

Cybersecurity

Protect networks, data, and systems from malicious attacks.

Cybersecurity professionals defend networks and systems from malicious hackers. From ethical hacking to defensive security, this roadmap lists the core competencies required.

Estimated Time: 8-12 Months

Starting Salary: ₹6L - ₹24L+ per annum

Quick Overview

Fundamentals

Networking Basics
Protocols (TCP/IP, DNS)
Operating Systems (Linux/Windows)
Cryptography Basics

Security Principles

CIA Triad
Identity & Access Management
Firewalls & VPNs
Risk Assessment

Offensive Security

Ethical Hacking
Penetration Testing
Vulnerability Scanning
Social Engineering

Defensive Security

Intrusion Detection/Prevention
Incident Response
SIEM Tools (Splunk)
Security Auditing

Pro Tips for Success

Learn how to build it before you learn how to break it.
Read write-ups from bug bounty hunters and participate in CTFs.
Stay out of trouble. Do not test networks you do not own.

What Employers Want

Certifications like CompTIA Security+ or CISSP.
Understanding of compliance and legal frameworks.
Ability to explain vulnerabilities to non-technical staff.

Detailed Study Modules

Networking & Protocols

If you can't understand the network, you can't hack it or defend it. Learn OSI model, TCP/IP, DNS, routing, and subnetting deeply.

Recommended Resources

Action Items & Checklist

Understand subnetting calculations
Analyze and parse packets in Wireshark
Setup a secure home network proxy

OS & Linux Internals

Mastering Linux commands, understanding Windows active directory, and learning how operating systems handle permissions and processes.

Recommended Resources

Linux Journey

Action Items & Checklist

Use Nmap to scan open ports on localhost
Understand Linux File Permissions
Learn bash scripting automation

Penetration Testing & Tools

Learn to think like a hacker to find vulnerabilities using tools like Nmap, Metasploit, Burp Suite, and hash cracking tools.

Recommended Resources

Action Items & Checklist

Complete TryHackMe basic rooms
Intercept and manipulate HTTP requests with Burp
Exploit a vulnerable VM via Metasploit

Web Application Security

Understand the most common web vulnerabilities like SQL Injection, XSS, CSRF, and IDOR based on the OWASP Top 10.

Recommended Resources

OWASP Top 10

Action Items & Checklist

Perform an SQL injection attack on DVWA
Prevent XSS by analyzing source code
Understand JWT vulnerabilities

Frequently Asked Questions

How can I start getting practical experience?

Participate in Capture The Flag (CTF) competitions or platforms like HackTheBox and TryHackMe.

Explore Related Paths

Cybersecurity

Protect networks, data, and systems from malicious attacks.

Cybersecurity professionals defend networks and systems from malicious hackers. From ethical hacking to defensive security, this roadmap lists the core competencies required.

Estimated Time: 8-12 Months

Starting Salary: ₹6L - ₹24L+ per annum

Quick Overview

Fundamentals

Networking Basics
Protocols (TCP/IP, DNS)
Operating Systems (Linux/Windows)
Cryptography Basics

Security Principles

CIA Triad
Identity & Access Management
Firewalls & VPNs
Risk Assessment

Offensive Security

Ethical Hacking
Penetration Testing
Vulnerability Scanning
Social Engineering

Defensive Security

Intrusion Detection/Prevention
Incident Response
SIEM Tools (Splunk)
Security Auditing

Pro Tips for Success

Learn how to build it before you learn how to break it.
Read write-ups from bug bounty hunters and participate in CTFs.
Stay out of trouble. Do not test networks you do not own.

What Employers Want

Certifications like CompTIA Security+ or CISSP.
Understanding of compliance and legal frameworks.
Ability to explain vulnerabilities to non-technical staff.

Detailed Study Modules

Networking & Protocols

If you can't understand the network, you can't hack it or defend it. Learn OSI model, TCP/IP, DNS, routing, and subnetting deeply.

Recommended Resources

Action Items & Checklist

Understand subnetting calculations
Analyze and parse packets in Wireshark
Setup a secure home network proxy

OS & Linux Internals

Mastering Linux commands, understanding Windows active directory, and learning how operating systems handle permissions and processes.

Recommended Resources

Linux Journey

Action Items & Checklist

Use Nmap to scan open ports on localhost
Understand Linux File Permissions
Learn bash scripting automation

Penetration Testing & Tools

Learn to think like a hacker to find vulnerabilities using tools like Nmap, Metasploit, Burp Suite, and hash cracking tools.

Recommended Resources

Action Items & Checklist

Complete TryHackMe basic rooms
Intercept and manipulate HTTP requests with Burp
Exploit a vulnerable VM via Metasploit

Web Application Security

Understand the most common web vulnerabilities like SQL Injection, XSS, CSRF, and IDOR based on the OWASP Top 10.

Recommended Resources

OWASP Top 10

Action Items & Checklist

Perform an SQL injection attack on DVWA
Prevent XSS by analyzing source code
Understand JWT vulnerabilities

Frequently Asked Questions

How can I start getting practical experience?

Participate in Capture The Flag (CTF) competitions or platforms like HackTheBox and TryHackMe.

Explore Related Paths