1-Year Cybersecurity Study Guide (Weekly Breakdown for Hackathon Readiness)

Month 1: Foundations of Cybersecurity

Focus: Get familiar with basic concepts and your study environment.

Tools/Resources:

●​ TryHackMe: "Cyber Defense" and "Complete Beginner" paths​

●​ Book: Cybersecurity for Beginners by Raef Meeuwisse​

●​ YouTube: NetworkChuck, The Cyber Mentor​

Weekly Breakdown:

●​ Week 1: Introduction to cybersecurity + setup (Kali Linux, VM)​

●​ Week 2: What is the CIA Triad? Threats, vulnerabilities, and attacks​

●​ Week 3: Operating systems basics (Linux and Windows)​

●​ Week 4: File systems, permissions, and command line (Linux + Windows)​

Month 2: Networking Essentials

Focus: Build strong networking foundations.

Tools/Resources:

●​ Book: Computer Networking: A Top-Down Approach (simplified chapters)​

●​ TryHackMe: "Intro to Networking", "Network Fundamentals"​

●​ Packet Tracer or Wireshark (install)​

Weekly Breakdown:
 ●​ Week 1: OSI Model, TCP/IP stack​

●​ Week 2: IP addressing, Subnetting, and DNS basics​

●​ Week 3: TCP, UDP, ICMP, ports, and protocols​

●​ Week 4: Tools: Ping, Traceroute, Nmap, Netcat​

Month 3: Web & Application Security Basics

Focus: Understand how websites and applications get attacked.

Tools/Resources:

●​ TryHackMe: "OWASP Top 10", "Web Fundamentals"​

●​ Book: The Web Application Hacker’s Handbook​

●​ Burp Suite Community Edition​

Weekly Breakdown:

●​ Week 1: How the web works (HTTP, requests, cookies)​

●​ Week 2: SQLi, XSS, CSRF​

●​ Week 3: Authentication & session management​

●​ Week 4: Practical lab challenges on TryHackMe (OWASP room)​

Month 4: System & Network Attacks

Focus: Understand system vulnerabilities and exploitation basics.

Tools/Resources:

●​ Metasploit (Kali Linux)​

 ●​ TryHackMe: "Metasploit Basics", "Red Team Fundamentals"​

●​ YouTube: John Hammond​

Weekly Breakdown:

●​ Week 1: Enumeration tools (Enum4linux, SMB, FTP)​

●​ Week 2: Exploitation using Metasploit​

●​ Week 3: Password cracking (JohnTheRipper, Hydra, Hashcat basics)​

●​ Week 4: CTF challenges — HackTheBox Easy Machines​

Month 5: Scripting for Cybersecurity

Focus: Automate tasks and write simple tools.

Tools/Resources:

●​ Python: Automate the Boring Stuff, Python Crash Course​

●​ Bash basics​

Weekly Breakdown:

●​ Week 1: Python fundamentals (variables, loops, functions)​

●​ Week 2: Web scraping & socket programming​

●​ Week 3: Bash scripting basics​

●​ Week 4: Mini projects — port scanner, brute forcer​

Month 6: Defensive Security + SOC Skills

Focus: Understand blue team responsibilities.

Tools/Resources:

●​ TryHackMe: "SOC Level 1", "Blue Team Path"​

●​ Book: Blue Team Field Manual​

Weekly Breakdown:

●​ Week 1: Logs and log analysis (Syslog, Windows Event Viewer)​

●​ Week 2: SIEM basics (Splunk or Elastic)​

●​ Week 3: Malware analysis intro​

●​ Week 4: Build your own lab + blue team CTFs​

Month 7: Wireless & Mobile Security

Focus: Understand Wi-Fi attacks and mobile device risks.

Tools/Resources:

●​ Aircrack-ng suite​

●​ Android emulator (for mobile testing)​

Weekly Breakdown:

●​ Week 1: Wi-Fi fundamentals & encryption​

●​ Week 2: Wi-Fi cracking (WEP/WPA)​

●​ Week 3: Mobile OS security (Android/iOS)​

●​ Week 4: Wireless hacking labs (TryHackMe or custom VM)​

Month 8: Cloud & DevSecOps Basics

Focus: Know cloud risks and DevSecOps concepts.

Tools/Resources:

●​ AWS Free Tier + AWS Cloud labs (Qwiklabs, TryHackMe)​

●​ Book: Cloud Security Handbook​

Weekly Breakdown:

●​ Week 1: Intro to Cloud computing (AWS, Azure, GCP)​

●​ Week 2: IAM & misconfigurations​

●​ Week 3: CI/CD pipeline security​

●​ Week 4: Cloud lab: secure S3 bucket + IAM policy review​

Month 9: Active Directory & Privilege Escalation

Focus: Learn enterprise-level attack surfaces.

Tools/Resources:

●​ TryHackMe: "AD Basics", "Windows PrivEsc"​

●​ HackTheBox: Machines focused on AD​

Weekly Breakdown:

●​ Week 1: What is AD + core services (LDAP, Kerberos)​

●​ Week 2: Enumeration & misconfigurations​

●​ Week 3: Windows privilege escalation techniques​

●​ Week 4: Full AD lab scenario (multi-step attack chain)​

Month 10: Red Team Tactics

Focus: Offensive techniques + report writing

Tools/Resources:

●​ TryHackMe: "Red Team Path"​

●​ C2 Frameworks: Covenant or Sliver​

●​ YouTube: IppSec​

Weekly Breakdown:

●​ Week 1: C2 and evasion basics​

●​ Week 2: Social engineering + phishing​

●​ Week 3: Recon tools (Shodan, Google Dorking)​

●​ Week 4: Simulated attack + reporting​

Month 11: Blue Team & Incident Response

Focus: Monitor, respond, and recover

Tools/Resources:

●​ TryHackMe: "Incident Response"​

●​ SIEM lab (ELK/Splunk)​

Weekly Breakdown:

●​ Week 1: IR lifecycle + threat intelligence​

●​ Week 2: Detection engineering (YARA, Sigma rules)​

●​ Week 3: Case study: famous breach investigation​

 ●​ Week 4: IR simulation​

Month 12: Hackathon & CTF Preparation

Focus: Consolidate and simulate real events

Tools/Resources:

●​ CTF sites: TryHackMe, HackTheBox, PicoCTF​

●​ GitHub: Build a mini portfolio​

Weekly Breakdown:

●​ Week 1: Review weak areas​

●​ Week 2: Practice past CTFs​

●​ Week 3: Team up for group challenge​

●​ Week 4: Join a Hackathon (or simulate one solo/team)​