| Month | Focus Area | Key Topics | Tools & Platforms | Certifications | Projects / Practice |
|---|---|---|---|---|---|
| 1 | Foundations of Cybersecurity | - CIA Triad - Types of Attacks - Security Domains - OS Basics (Windows/Linux) - Virtual Machines | - TryHackMe - VirtualBox / VMware - Ubuntu / Kali Linux | CompTIA ITF+ (Optional) | - Set up a home lab - Create VMs for Windows & Kali Linux |
| 2 | Networking & Network Security | - OSI & TCP/IP Models - Ports & Protocols - Firewalls & IDS/IPS - Packet Analysis | - Wireshark - Cisco Packet Tracer - Nmap - pfSense | CompTIA Network+ | - Scan your local network using Nmap - Analyze packets with Wireshark |
| 3 | Linux & Windows Security | - User management - File permissions - Syslog & Event Logs - Basic Bash/PowerShell scripting | - Kali Linux - PowerShell - Bash - Sysinternals tools | - | - Harden a Linux VM - Create basic log monitoring scripts |
| 4 | Ethical Hacking & Penetration Testing | - Phases of Pentesting - Reconnaissance - Scanning & Enumeration - Exploitation & Post-Exploitation | - Metasploit - Burp Suite - Hydra - Gobuster - Nessus (trial) | eJPT / CEH (Optional) | - TryHackMe Rooms - Capture the Flag (CTF) challenges |
| 5 | Web Application Security | - OWASP Top 10 - SQLi, XSS, CSRF, SSRF, IDOR - Secure Coding Concepts | - Burp Suite - OWASP Juice Shop - ZAP - DVWA | - | - Hack OWASP Juice Shop - Write a blog on one OWASP Top 10 vuln |
| 6 | Incident Response & Blue Teaming | - SIEM & Log Analysis - Threat Hunting - MITRE ATT&CK Framework - Digital Forensics basics | - Splunk (free trial) - ELK Stack - Autopsy - CyberChef | CompTIA Security+ / Blue Team Level 1 (BTL1) | - Create a basic SIEM log parser - Analyze attack logs from CTF |

| Project Title | Description | Tools / Tech Stack | Key Skills | Implementation Steps |
|---|---|---|---|---|
| 1. SIEM Dashboard (Security Event Monitoring) | Build a real-time log monitoring system using a SIEM tool to detect and visualize threats. | Splunk / ELK Stack, Syslog, Python | Log Analysis, Regex, SIEM concepts | - Collect logs from multiple VMs - Set up log forwarding - Create dashboards for login attempts, port scans, etc. |
| 2. Vulnerability Scanner & Report Generator | Build a tool that scans systems for vulnerabilities and generates reports with mitigation tips. | Nmap, OpenVAS, Python, Bash | Pentesting, Scripting, Report Writing | - Scan a network or IP range - Parse results with Python - Create PDF/HTML reports |
| 3. Web Application Pentesting Toolkit | Create a tool or script to automate basic OWASP Top 10 vulnerability checks. | Burp Suite, ZAP, Python (Requests/BeautifulSoup) | Web Security, OWASP, Scripting | - Target vulnerable apps like DVWA/Juice Shop - Test for XSS, SQLi, CSRF - Output findings in a CSV |
| 4. Honeypot Deployment & Threat Analysis | Deploy a honeypot to attract and analyze real-world attackers or bots. | Cowrie, Dionaea, T-Pot, Wireshark | Threat Intelligence, Network Analysis | - Deploy honeypot on cloud - Collect logs of intrusions - Analyze attack types and IPs |
| 5. Ransomware Detection using File Behavior | Monitor file system behavior and detect ransomware-like activity (e.g., mass renaming/encryption). | Python, inotify (Linux), Windows API, Hashing | Behavioral Detection, File Monitoring | - Write a script to detect rapid file changes - Flag suspicious processes - Alert the user and kill the process |
| 6. Secure File Transfer System | Build a file-sharing system with encryption, integrity checks, and access control. | Python, Flask, OpenSSL, SHA256, JWT | Cryptography, Web Security | - Create login system with roles - Encrypt file uploads - Add download tracking and verification |
| 7. Capture The Flag (CTF) Platform | Host your own mini CTF challenge platform for beginners or your peers. | Docker, Flask, SQLite, HTML/CSS, bcrypt | App Security, System Hardening | - Create challenges (web, crypto, pwn) - Add flag submission and scoring system - Dockerize for portability |
