Getting Started with Cybersecurity: Your Roadmap from Zero to Hero

New to cybersecurity? This guide maps out your complete learning journey — from networking fundamentals and Linux basics to ethical hacking, CTFs, and landing your first security role.

Welcome to the Journey

Cybersecurity is one of the most rewarding career paths in tech — and one of the most in-demand. But the sheer breadth of topics can be overwhelming. Where do you start?

This guide is your map. We'll show you exactly what to learn, in what order, with the best free resources at each stage.

Note: You don't need to be a programmer to get started. You don't need a degree. You don't need expensive courses. What you need is curiosity and consistency.

Phase 1: The Fundamentals (Weeks 1–8)

Before you can break things, you need to understand how they work.

Networking Basics

Everything in cybersecurity comes back to networking. Study these core concepts:

OSI & TCP/IP models — how data travels from your browser to a server
IP addresses, subnets, CIDR — how devices are addressed on a network
Common protocols: HTTP, HTTPS, DNS, DHCP, FTP, SSH, SMTP
How TCP handshakes work — SYN, SYN-ACK, ACK
Wireshark — learn to capture and analyze real network traffic

Free resources:

Professor Messer's CompTIA Network+ course (YouTube)
TryHackMe "Pre-Security" learning path (free)

Linux Fundamentals

Security tools live in Linux. Get comfortable with the command line:

bash

# Essential commands to master
ls -la           # List files with permissions
chmod 755 file   # Change file permissions
grep -r "password" /etc/  # Search recursively
netstat -tulnp   # View open ports
ps aux           # View running processes
find / -perm -4000 2>/dev/null  # Find SUID binaries

Set up your lab:

Download VirtualBox (free)
Download Kali Linux ISO
Create a VM and explore

Python Basics

You don't need to be an expert, but being able to read and write simple scripts is a superpower:

python

# Simple port scanner — your first "hacking tool"
import socket

target = "192.168.1.1"
for port in range(1, 1025):
    sock = socket.socket()
    sock.settimeout(0.5)
    if sock.connect_ex((target, port)) == 0:
        print(f"[+] Port {port} is open")
    sock.close()

Phase 2: Core Security Concepts (Weeks 9–16)

Web Application Security

The web is the largest attack surface in existence. Learn:

OWASP Top 10 — the most critical web vulnerabilities
HTTP request/response cycle — headers, cookies, sessions
Authentication flaws — weak passwords, session fixation, insecure tokens
Injection attacks — SQL, command, LDAP injection
XSS — how JavaScript gets injected into web pages
CSRF — forging requests on behalf of authenticated users
Burp Suite — the swiss army knife of web app testing

Network Security

Port scanning with Nmap — discover hosts and services
Service fingerprinting — identify running software versions
Packet analysis — Wireshark deep dives
Common network attacks — ARP spoofing, MITM, DNS poisoning

bash

# Basic nmap scan workflow
nmap -sn 192.168.1.0/24          # Discover live hosts
nmap -sV -sC -p- 192.168.1.10    # Full port scan with versions
nmap -A 192.168.1.10             # Aggressive scan (OS detection, scripts)

Phase 3: Hands-On Hacking (Weeks 17–30)

Now you practice — in legal, controlled environments.

Capture The Flag (CTF) Competitions

CTFs are hacking puzzles organized into categories. They're the best way to practice:

Picoctf — beginner-friendly, great for newcomers
HackTheBox — realistic machines, progressively harder
TryHackMe — guided rooms with hints, perfect for learning
CTFtime.org — lists upcoming competitions worldwide

CTF categories to focus on first:

Web exploitation (XSS, SQLi)
Cryptography (base64, Caesar cipher, RSA basics)
Forensics (file analysis, steganography)
OSINT (open source intelligence gathering)

Build Your Lab

A personal lab lets you hack legally:

plaintext

Your Setup:
├── Host machine (Windows/Mac)
└── VirtualBox/VMware
    ├── Kali Linux (attacker)
    └── Vulnerable VMs:
        ├── DVWA (Damn Vulnerable Web App)
        ├── Metasploitable 2
        ├── VulnHub machines
        └── TryHackMe OpenVPN

Phase 4: Specialization (Month 7+)

After the fundamentals, pick a track:

Track	What You'll Do	Tools
Penetration Testing	Simulate attacks to find vulnerabilities	Metasploit, Burp Suite, Nmap
Bug Bounty	Find vulns in real apps for money	Burp Suite, ffuf, nuclei
Security Operations	Detect and respond to real attacks	Splunk, ELK, SIEM tools
Malware Analysis	Reverse engineer malicious software	IDA Pro, Ghidra, x64dbg
Cloud Security	Secure AWS/Azure/GCP environments	AWS CLI, Pacu, ScoutSuite

The Learning Mindset

A few principles that separate those who make it from those who don't:

Build things to break them — Set up a WordPress site and attack it. Build a login form and try to bypass it.
Read CVEs — When a new vulnerability drops, don't just read the headline. Find the patch diff and understand what code changed and why.
Document everything — Keep a personal wiki. Notes you write stick better than notes you read.
Contribute to the community — Write blog posts. Help others in Discord servers. Teach what you know.
Stay legal — NEVER test systems you don't own or have written permission to test. Unauthorized access is a crime in most countries.

Your First 30 Days — Action Plan

plaintext

Week 1: TryHackMe "Pre-Security" path (free)
Week 2: Linux basics — set up Kali VM, practice commands daily
Week 3: Networking — read "Computer Networks" ch. 1-3 or Messer's videos
Week 4: First CTF — try 3 problems on picoCTF

Welcome to the community. The road is long but every senior security engineer you admire started exactly where you are now.

Next up in this guide: Understanding SQL Injection — Your First Real Vulnerability