🛡️ Cybersecurity 6-Month Learning Plan

📅 Month 1: Foundations
Goal: Build strong basics in networking, operating systems, and security concepts.
Week 1-2: Networking
• Learn OSI model, TCP/IP, DNS, DHCP, HTTP/HTTPS.
• Tools: ping, traceroute, netstat, nmap.
• Resource: CompTIA Network+ Notes
Week 3: Linux Basics
• File system navigation, permissions, processes.
• Tools: ls, chmod, grep, ssh, scp.
Week 4: Windows Basics
• Active Directory, user management, PowerShell scripting.
🛠️ Practice:
• Set up VirtualBox/VMware with 1 Linux VM + 1 Windows VM.
• Try HackTheBox Starting Point or TryHackMe Pre Security.
________________________________________
📅 Month 2: Core Cybersecurity Concepts
Goal: Understand threats, cryptography, and security fundamentals.
Week 5: Security Basics
• CIA triad, malware types, social engineering, phishing.
Week 6: Cryptography
• Symmetric vs asymmetric encryption, hashing, SSL/TLS.
Week 7: Authentication & Access Control
• MFA, RBAC, least privilege, identity management.
Week 8: Security Tools Intro
• Firewalls, IDS/IPS, SIEM (Splunk or Wazuh).
🛠️ Practice:
• Wireshark: Capture and analyze packets.
• TryHackMe Cybersecurity 101.
________________________________________
📅 Month 3: Practical Skills
Goal: Learn to use security tools and perform basic attacks/defenses.
Week 9: Recon & Scanning
• Tools: Nmap, Whois, Dig.
Week 10: Vulnerability Scanning
• Tools: OpenVAS, Nessus (free trial).
Week 11: Exploitation Basics
• Metasploit, reverse shells, privilege escalation basics.
Week 12: Web Security (OWASP Top 10)
• SQL injection, XSS, CSRF.
🛠️ Practice:
• DVWA (Damn Vulnerable Web App) in VM.
• TryHackMe Jr Penetration Tester.
________________________________________
📅 Month 4: Incident Response & SOC Skills
Goal: Learn defense and monitoring.
Week 13: Security Monitoring
• SIEM tools (Splunk/Wazuh).
• Log analysis (Windows Event Viewer, Syslog).
Week 14: Incident Response Lifecycle
• Identification, containment, eradication, recovery.
Week 15: Digital Forensics Basics
• Disk imaging, file recovery, memory analysis.
Week 16: Threat Hunting
• Using logs, indicators of compromise (IOC), MITRE ATT&CK framework.
🛠️ Practice:
• TryHackMe Blue Team Fundamentals.
• Practice log analysis on Splunk’s free version.
________________________________________
📅 Month 5: Specialization
Goal: Explore different paths & choose your focus.
Week 17-18: Penetration Testing Track
• Advanced exploitation, privilege escalation (Linux/Windows).
• Tools: Burp Suite, Hydra, JohnTheRipper.
Week 19: SOC Analyst Track
• SIEM queries, building dashboards, threat intelligence feeds.
Week 20: Cloud Security Track
• AWS IAM, S3 security, Azure basics.
🛠️ Practice:
• HackTheBox (beginner machines).
• Cloud: AWS Free Tier labs.
________________________________________
📅 Month 6: Capstone & Career Prep
Goal: Apply everything and prepare for real-world jobs/certifications.
Week 21: Capture The Flag (CTF) Challenges
• Platforms: PicoCTF, OverTheWire (Bandit).
Week 22: Simulate Attacks & Defenses
• Red Team vs Blue Team lab (Kali Linux attacking Windows).
Week 23: Resume & Portfolio Building
• Document your labs, write blog posts on Medium/GitHub.
Week 24: Certification Prep
• If PenTest → OSCP path.
• If SOC → CompTIA CySA+ or Splunk Cert.
• If General Security → CompTIA Security+.
________________________________________
✅ Key Resources
• Free Practice: TryHackMe, HackTheBox, OverTheWire
• Books: “The Web Application Hacker’s Handbook”, “Blue Team Field Manual”
• Communities: Reddit r/cybersecurity, Discord security servers
________________________________________
👉 By the end of 6 months, you’ll have:
• Hands-on experience with tools
• Basic attack & defense skills
• A portfolio of labs/projects
• Readiness for an entry-level role or certification