LEARNING_PATHS

Penetration Tester

Complete roadmap from beginner to professional penetration tester

12-18 monthsIntermediate to Advanced

Phase 1: Foundations

3 months
  • Networking fundamentals (TCP/IP, DNS, HTTP)
  • Linux command line mastery
  • Programming basics (Python, Bash)
  • Web technologies (HTML, CSS, JavaScript)

Phase 2: Security Basics

3 months
  • OWASP Top 10 vulnerabilities
  • Common attack vectors
  • Security tools (Nmap, Burp Suite, Metasploit)
  • Certification: CompTIA Security+

Phase 3: Practical Skills

4 months
  • HackTheBox & TryHackMe practice
  • Web application pentesting
  • Network penetration testing
  • Exploit development basics

Phase 4: Advanced & Certification

4-6 months
  • Active Directory attacks
  • Advanced exploitation techniques
  • Report writing & communication
  • Certification: OSCP or PNPT

Recommended Certifications

Security+CEHOSCPPNPT

Learning Resources

TryHackMeHackTheBoxPortSwigger Web Security AcademyOSCP Course
Read related writeups

SOC Analyst

Path to becoming a Security Operations Center analyst

8-12 monthsBeginner to Intermediate

Phase 1: IT Fundamentals

2 months
  • Networking basics
  • Operating systems (Windows, Linux)
  • System administration
  • Basic scripting

Phase 2: Security Foundations

3 months
  • Security concepts & principles
  • Threat landscape overview
  • Security tools & technologies
  • Certification: CompTIA Security+

Phase 3: SOC Operations

3 months
  • SIEM platforms (Splunk, ELK)
  • Log analysis & correlation
  • Incident detection & response
  • Threat intelligence

Phase 4: Advanced SOC

2-4 months
  • Threat hunting
  • Malware analysis basics
  • Forensics fundamentals
  • Certification: Microsoft SC-200 or CySA+

Recommended Certifications

Security+CySA+Microsoft SC-200GCIA

Learning Resources

Blue Team Labs OnlineSplunk FundamentalsMicrosoft LearnSANS SEC401
Read related writeups

Red Team Operator

Advanced path for offensive security and adversary simulation

18-24 monthsAdvanced

Phase 1: Prerequisites

6 months
  • Complete Penetration Tester path
  • Advanced networking
  • Programming (Python, C#, PowerShell)
  • Active Directory deep dive

Phase 2: Red Team Tactics

6 months
  • C2 frameworks (Cobalt Strike, Covenant)
  • Evasion techniques
  • Persistence mechanisms
  • Lateral movement

Phase 3: Advanced Techniques

4 months
  • Custom tool development
  • Advanced exploitation
  • Physical security
  • Social engineering

Phase 4: Certification & Specialization

2-6 months
  • CRTO or OSEP certification
  • Real-world red team exercises
  • Report writing for executives
  • Continuous learning & research

Recommended Certifications

OSCPOSEPCRTOPNPT

Learning Resources

Zero Point Security CRTOOffensive Security OSEPHackTheBox Pro LabsRed Team Field Manual
Read related writeups

Ready to Start Your Journey?

Explore our resources, practice on real vulnerabilities, and join the cybersecurity community.

Browse CVE DatabaseDownload Cheat Sheets