Hello Peeps!!
Long time… no see [RIP English😅]
Many people were asking me how to start my cybersecurity journey, I thought instead of telling one by one, I may better write a blog and share with everyone [smart work😉]
Ha, you can also do some prompting with your AI. It might guide you more than me!! I hope so..
No offense, I am just sharing my personal experience and knowledge.
If you are a beginner to cybersecurity, I will plead you not to jump on kali linux at your first step like this
Please make your foundation strong before building the roof.
Networking
if I am suggesting you to learn networking first, it doesn’t mean you have to clear CCNA (Certified Network Associate) exam. But you must be in a position to know how communications happens in the network.
Here are the suggested topics to know in networking
- OSI Model
- TCP/IP Model
- IP Addressing and Subnetting
- Basic Protocols like DNS, HTTP/HTTPS, ARP. DHCP, ICMP etc
- Firewalls and VPNs
- Virtual LANs
Few tools for practice:
- Nmap
- Cisco Packet Tracer
- Wireshark
- Tcpdump
- Dig
- Nslookup
Resources :
For networking I suggest you to start your journey by reading some networking books like
Networking All-in-One For Dummies by Doug Lowe
Computer Networking: A Top-Down Approach by Kurose & Ross for a structured, application-focused approach
Operating Systems
In Operating Systems, you must be familiar with two operating systems which are Windows as well as Linux.
Most of the people have assumptions that hackers must only master linux.. But it is not true, You must know cracking and hardening of both operating systems.
You may be familiar with Windows [GUI] which we usually use.
But, you have to master Linux Command Line and Windows PowerShell.
Resources:
Tryhackme rooms
Hackthebox rooms
Programming Language
Ha..Ha, I know what you people reply to me by reading this heading.
“Dear Chitra.. Who will learn the programming language in this era, After all we are Viber Coders”.
But my personal opinion is to have a good knowledge of at least one programming language. It may be Python, C++, Java etc.
Resources:
W3schools
The Complete Reference Textbooks
Core Security Concepts
Now, you are in the position to start your actual cybersecurity journey..
Most people have the illusion that Cybersecurity means it is all about practical stuff, I too believe this but for foundations you must know theoretical concepts.
Main Concepts
- Cryptography
- CIA Triad
- Identity Management [Authentication, Authorization]
- OWASP Top 10
Which Team Are You?
Cybersecurity contains many subdomains, you can’t become master in everything, before you choose your subdomain. First decide: Do you like to hack or protect the system?
Red Teaming / Offensive Security
Red Teaming is basically the offensive side of cybersecurity, it’s all about thinking like a hacker to find and exploit weaknesses in a system, network, or organization before real attackers do.
Phase 1 : Reconnaissance and Intelligence
The first and foremost thing before jumping to exploitation, learn OSINT (Open Source Intelligence) and active scanning
Key Tools includes
- Google Dorking
- Nmap
- Ffuf
- Shodan
- theHarvester
- hunter.io
Phase 2 : Web Application Penetration Testing
Most modern breaches start at web layer, so why don’t we start from web testing itself?
For this you need to master the Web OWASP Top 10
https://owasp.org/Top10/2025/0x00_2025-Introduction/
But, don’t just rely on Top 10 vulnerabilities, try to grasp as much vulnerabilities whether it is old or new.
[To stay updated with new vulnerabilities follow hacknews]
Key Tools includes
- Burp suite Professional [Best]
- Metaspoit
Phase 3 : Internal Network and Active Directory
Active Directories are crown jewels in the corporate environment. So, you must know AD Exploitations.
Before that you have to know what Active Directory is and how it works?
Few Techniques :
Kerberoasting : Attacking the Kerberos ticket system to get service passwords.
Lateral Movement : Moving from a low-privilege PC to Domain Controller.
Key Tools includes
- Mimikatz
- BLoodHound
- Impacket
Phase 4 : Advance Red Team Operations
This is the “Pro” level. Modern antiviruses are very good..you must just learn to be silent.
After 2-3 years in red teaming, the next phase is exploit or malware development.
Writing custom malware stubs in C or C# that doesn’t get flagged by Windows Defender or CrowdStrike is the next big thing.
Before developing payload, you must have a strong understanding of Malware Analysis including both static and dynamic analysis.
Key Tools:
Resources:
There are only a few courses available in the market for Malware Development and Analysis.
I recommend Techonquer Courses. [techonquer.org]
I have one good news and bad news related to Red Teaming
Good news : Red teaming is one the fascinating things in the world, imagine finding vulnerabilities, hacking into the AD, cracking someone’s system Ah! What an adventure but…
Bad news : Corporates offer only a few red teaming job roles.
Blue Teaming / Defensive Security
Blue teaming is the defensive side of security.
Their job is to detect, prevent, and respond to cyber attacks.
Phase 1 : Security Operations and Monitoring
This is where you learn to see the real “Matrix”. You need to understand what normal traffic looks like, so you can spot the abnormal one.
You must become fluent in reading logs from firewalls, proxies and windows event viewers.
Key Tools:
- Splunk
- Microsoft Sentinel
Resources:
https://www.splunk.com/en_us/training/free-courses/overview.html
Phase 2 : Incident Response
When an alert triggers..
What do you do?
Incident Response is the process of handling a cyber attack or security breach in a structured way.
You must know the NIST Incident Response Lifecycle [Preparation, Detection, Containment, Eradication and Recovery.
Key Tools:
Phase 3 : Vulnerability Management and Hardening
We all know that “Preventation is better than a cure.”
Your job here is to make the target so difficult to hit that attackers give up.
Key Tools:
- Nessus
- OpenVAS
- Qualys .. to find unpatched vulnerability.
Key Concepts
Learn hardening techniques for both windows and linux
Eg : Group Policy Objects in Windows to disable dangerous features.
Phase 4 : Threat Hunting
If Incident Response is reacting to a fire…
Threat Hunting is walking around the building looking for smoke before anyone smells it.
Using the MITRE ATT&CK Framework to map out common hacker techniques and proactively checking your network for those specific signs. Learn SOAR(Security Orchestration, Automation and Response).
Key Tools:
- Splunk
- Microsoft Sentinel
- CrowdStrike Falcon
- Elastic Security
- Zeek
Good News : There are lots and lots of fresher job roles are available for SOC, it is also known as entry point in cybersecurity.
Bad News : In SOC, you may have to work on shifts, maybe night shifts [which is a nightmare for the people like me]
I hope you got some sort of idea about your cybersecurity journey.
If you have any doubts.. You can ping on linkedin [https://www.linkedin.com/in/chitra-karanam-417999237/]
Have a happy and healthy life.
See you in the next blog
