Hi, this is Vivek Patni. I am a Cybersecurity geek and ethical hacker, and I always get the question, “How can I start my cybersecurity Journey After Class 12th?”
Before answering this question I just wanna tell you something about myself.
Who am I?
My name is Vivek Patni, and I am from Pithoragarh, a beautiful city in Uttarakhand, India. I started my cybersecurity journey in class 11th, initially exploring phishing through a website called Zshadow, which created phishing pages for Facebook, Instagram, Google, and other social platforms. I enjoyed tricking people into my “little devilhood” back then.
After passing 12th, I discovered Linux and fell completely in love with it. I collected various Linux OS versions on different DVDs and learned Linux from multiple sources, including YouTube, books, and research papers. I made notes on everything to refer to when I got stuck. My belief is: “The ability to question things. It’s what makes us HACKER.”
After this, I studied some networking basics and took free cybersecurity courses available on YouTube. I then jumped into TryHackMe to sharpen my skills, but I found it a bit easy and somewhat theoretical, which I found boring. So, I switched to Hack The Box, where I worked on different machines for two years until I achieved a Pro Hacker rank. However, I realized I needed to improve my web pen-testing skills, so I studied the OWASP Top 10 and API security, practicing on PortSwigger Labs to sharpen those skills.
After that, I pursued an MCA in Cybersecurity and secured an internship in my first semester, officially kickstarting my professional cybersecurity journey.
Free Cybersecurity Roadmap for Ethical Hacking Career in 2025
I have prepared this intensive guide for Red Teamers who need a roadmap to become a successful ethical hacker.
Before beginning your cybersecurity journey I want you to decide which excites you the most the attacker or the defender.
You can follow this path if you are an Attacker Type person (Ethical Hacker).
ADVERTISEMENT
Path for Attacker-Type Person (Ethical Hacker)
If you’re interested in offensive security and want to become a Red Teamer, here’s a beginner-friendly path:
-
Set Up Linux OS (Kali Linux)
- Kali Linux is recommended for beginners, as it comes with pre-installed tools for penetration testing.
- Linux OS Setup Video
-
Learn Linux Basics
- Understanding Linux commands and navigation is essential.
- Linux Basics Video
-
Networking Basics
- Grasp fundamental networking concepts to understand the flow of data.
- Networking Basics Video
-
Cybersecurity Basics
- Learn the basic concepts of cybersecurity to build a solid foundation.
- Cybersecurity Basics Video
-
Nmap (Network Mapper) – Complete Guide
- Master Nmap, a key tool for network scanning and reconnaissance.
- Nmap Complete Guide
-
Metasploit – Complete Guide
- Explore the Metasploit Framework, a powerful tool for developing and executing exploits.
- Metasploit Complete Guide (Playlist)
-
Wireshark – Complete Guide
- Learn Wireshark for network protocol analysis, which is vital for inspecting traffic.
- Wireshark Complete Guide
-
Web Security Testing
- Dive into web application security testing to find vulnerabilities.
- Web Security Testing Guide
-
API Security Testing (Postman)
- Learn API security testing using Postman.
- API Security Testing Guide
-
Mobile Security Testing
- Explore mobile security testing techniques.
- Mobile Security Testing Guide
-
Active Directory Security Testing
- Gain knowledge of Active Directory and how to test its security.
- Active Directory Security Testing Guide
-
Practice Labs
- Portswigger Labs Offers interactive labs for mastering web security vulnerabilities and exploitation techniques, especially OWASP Top 10.
- DVWA A deliberately insecure web application designed for practicing web security skills.
- Metasploitable 2 vulnerable Linux virtual machine ideal for penetration testing and exploitation practice.
- TryHackMe A platform with guided labs and challenges for learning cybersecurity topics interactively.
- HackTheBox A penetration testing platform with realistic virtual environments for hacking and skill development.
- Owasp Juice Shop A vulnerable web app simulating OWASP Top 10 vulnerabilities to practice secure coding and pentesting.
- BWAPP A vulnerable web application designed to practice and test web app security techniques.
- Important Resources You Should Not Miss
- Book.Hacktricks – https://book.hacktricks.xyz/
- Payloads of All Things – https://github.com/swisskyrepo/PayloadsAllTheThings
- Bug Bounty Writeups – https://github.com/fardeen-ahmed/Bug-bounty-Writeups
- CyberSecurity Blogs – https://onewriteup.com
Cybersecurity Roadmap for Ethical Hackers
1. Introduction to Ethical Hacking and Cybersecurity
Cybersecurity Fundamentals
- What is Cybersecurity?
- Importance of Cybersecurity in Today’s World
- Common Cybersecurity Threats
- Malware, Phishing, Ransomware, Denial of Service (DoS), Man-in-the-Middle (MitM)
- Malware, Phishing, Ransomware, Denial of Service (DoS), Man-in-the-Middle (MitM)
- Types of Hackers
- White Hat, Black Hat, Gray Hat, Script Kiddies, Hacktivists
- Red Team, Blue Team, and Purple Team
- Roles and responsibilities of each team
Networking Basics
- Basic Networking Concepts
- LAN (Local Area Network)
- MAN (Metropolitan Area Network)
- WAN (Wide Area Network)
- PAN (Personal Area Network)
- OSI Model
- Layers of OSI: Physical, Data Link, Network, Transport, Session, Presentation, Application
- Layers of OSI: Physical, Data Link, Network, Transport, Session, Presentation, Application
- TCP/IP Model
- Layers of TCP/IP and comparison with OSI
- Layers of TCP/IP and comparison with OSI
Network Devices and Hardware
- Types of Networking Devices
- Router, Switch, Hub, Modem, Firewall
- Router, Switch, Hub, Modem, Firewall
- Basic Function of Each Device in a Network
- IP Addressing and Subnetting
- IPv4, IPv6, Public and Private IPs
- Domain Name System (DNS)
- DNS basics, DNS security issues
Network Types and Segmentation
- Private vs. Public Networks
- Network Segmentation and Zoning
- Virtual Private Network (VPN)
- Purpose and basic working of VPNs
Ports and Services
- Networking Ports and Common Protocols
- HTTP, HTTPS, FTP, SSH, SMTP, POP3, IMAP, DNS
- Understanding Port Numbers
- Well-known ports, registered ports, dynamic ports
2. Setting Up and Mastering Kali Linux
2.1 Introduction to Kali Linux
- Installation and setup
2.2 Basic Linux Skills
- Linux File System
- Basic Linux commands
2.3 Managing and Customizing Kali Linux Tools
- Installing, updating, and managing tools
- Introduction to popular tools in Kali
- Customizing the bash environment and scripting basics
3. Essential Tools and Command You Should Know
- Apache2, nano, Neofetch, nautilus, ssh, mysql-server, Hashcat, John The Ripper, Hydra, Wireshark, Metasploit, Nmap, git, gobuster, hping3, etc
4. Information Gathering and Reconnaissance
4.1 Passive Information Gathering
- Tools and techniques (OSINT Framework, Google Hacking (google dorking), Shodan)
- Website reconnaissance, domain enumeration, and social media analysis, “whois” tool
4.2 Active Information Gathering
- DNS enumeration, zone transfers, and subdomain discovery
- Scanning with Nmap, script scan,
- Enumerating SMB, NFS, SNMP, and SMTP services
5. Vulnerability Analysis and Scanning
5.1 Vulnerability Scanning Concepts
- Manual vs automated scanning, Nessus Tool
- External vs internal, authenticated vs unauthenticated scans
5.2 Using Vulnerability Scanners
- Nessus setup, configuration, and scanning methods
- Vulnerability scanning with Nmap scripts and plugins
6. Web Application Security (OWASP Top 10, Sans 25)
6.1 Web Application Assessment Techniques
- Inspecting URLs, response headers, and page content
- Enumerating admin panels and hidden resources
6.2 Web Vulnerability Exploits
- Common attacks: SQL injection, XSS, file inclusion, and directory traversal
- Using tools like Burp Suite, DIRB, and Nikto.
6.3 Advanced Web Attacks
- SQL injection and command injection techniques
- Automating web testing with OWASP ZAP
7. API Testing
7.1 API BASICS
- API, Types of API, How API Works?
- HTTP Methods, Http Headers, JWT,
7.2 OWASP API TOP 10
- Authentication Mechanisms
- Rate Limiting & Throttling
- Error Handling & Response Codes
- CORS (Cross-Origin Resource Sharing)
- Input Validation & Injection Attacks
- API Endpoint Security
- Encryption Standards
- Data Exposure
- API Schema Validation
- API Logging & Monitoring
- Session Management
- API Security Testing Tools
- Business Logic Vulnerabilities
- File Upload Handling
- GraphQL Security
- Security Misconfigurations
7.3 Postman Tool
7. Mobile Application Security Testing
7.1 OWASP MOBILE TOP 10
Mobile Hacking Cheet Sheet – https://github.com/randorisec/MobileHackingCheatSheet
- Reverse Engineering
- Static Analysis
- Dynamic Analysis
- Network Communication Security
- Authentication & Authorization
- Session Management
- Data Storage Security
- API Security Testing
- Code Obfuscation Techniques
- SSL/TLS Certificate Validation
- Insecure Data Transmission
- Device Permissions & Privileges
- Jailbreak/Root Detection
- Secure Coding Practices
- Third-Party Library Assessment
- Input Validation & Injection Attacks
- Binary Protection Mechanisms
- Logging & Debugging Controls
- Business Logic Testing
- Cryptographic Implementation
7.2 TOOLS
Static Analysis Tools
- MobSF (Mobile Security Framework)
- Jadx
- APKTool
- Ghidra
- Radare2
- AndroBugs
Dynamic Analysis Tools
- Frida
- Objection
- Drozer
- Xposed Framework
- Cydia Substrate
- iRET (iOS Reverse Engineering Toolkit)
- SSL Pinning Bypass Tools (e.g., Inspeckage, SSL Kill Switch 2)
Network Testing Tools
- Burp Suite
- OWASP ZAP
- Wireshark
- mitmproxy
Device Security & Debugging Tools
- ADB (Android Debug Bridge)
- iOS Debugger (lldb)
- Hopper Disassembler
API Testing Tools
- Postman
- Insomnia
- SoapUI
Other Tools
- Dex2Jar
- ProGuard Analyzer
- Hashcat (for cracking weak passwords/keys)
- AppMon
- QARK (Quick Android Review Kit)
- Firebase Security Rules Emulator (for testing Firebase-integrated apps)
8. Exploitation and Post-Exploitation Techniques
8.1 Locating and Modifying Public Exploits
- Searching online and offline exploit repositories. (Searchsoloit, Metasploit, github, exploitdb etc)
- Adjusting exploit code to suit specific environments
- Reverse Shell, Bind Shell, Web Shell
8.2 Post-Exploitation Techniques
- Information Gathering, Finding LoopHoles, Persisting access, evading detection, and data exfiltration,
- Using tools like Meterpreter for advanced tasks
8.3 Transferring Files and Creating Tunnels
- Setting up FTP, HTTP, and PowerShell for file transfers,
- Port redirection and tunneling (SSH, Chisel Tool)
9. Privilege Escalation Techniques
9.1 Windows Privilege Escalation
- Manual and automated enumeration,
- Case studies: Insecure file permissions, UAC bypass
https://book.hacktricks.xyz/windows-hardening/windows-local-privilege-escalation
9.2 Linux Privilege Escalation
- Sudo misconfigurations, cron job exploitation, kernel vulnerabilities (LINPEAS, WINPEAS)
https://book.hacktricks.xyz/linux-hardening/privilege-escalation
10. Password and Authentication Attacks
10.1 Password Cracking Fundamentals
- Wordlists (seclists), brute force (Hydra Tool).
- Network service attacks (RDP, SSH, HTTP POST)
10.2 Leveraging Password Hashes
- Retrieving and cracking password hashes
- Techniques: LLMNR (Responder Tool), Hash Dumping (Mimikatz)
11. Active Directory and Network Attacks
11.1 Active Directory Enumeration and Attacks
- AD theory, enumeration, nested groups, and SPNs
- BloodHound Tool
- NTLM and Kerberos authentication attacks
- Active Directory Collection
11.2 Lateral Movement and Persistence in AD
- Pass-the-Hash, Golden Tickets, Kerberoasting, AS-Rep Roast, ACL Abuse, DC SYNC Attack.
- Establishing persistence on domain controllers
12. Certifications
- CEH
- CompTia Security +
- OSCP
- CISSP
- CISP
- CISM
Thanks for reading so far, If you like this check out my other articles.
