├── README.md
├── attacker
│   ├── adversarial-engineer.md
│   ├── exploit-developer.md
│   ├── pentester-mobile-app.md
│   ├── pentester-network.md
│   └── pentester-web.md
├── defender
│   ├── digital-forensic-investigator.md
│   └── threat-hunter.md
└── mind-map.png

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------

# Cyber Security Road Maps

![Mind Map](mind-map.png)

`Cyber Security` is a collaborative effort of many people.

This repository helps people explore roles and careers in cyber security.

Each career path includes recommendations for:
* skills (hard and soft)
* education
* certification

## ATTACKER

* Penetration Tester
  - [Network Penetration Tester](attacker/pentester-network.md)
  - [Mobile App Penetration Tester](attacker/pentester-mobile-app.md)
  - [Web Penetration Tester](attacker/pentester-web.md)
* [Exploit Developer](attacker/exploit-developer.md)
* [Adversarial Engineer](attacker/adversarial-engineer.md)

## DEFENDER

* SOC (Security Operation Center) Member
* [Threat Hunter](defender/threat-hunter.md)
* Detection Engineer
* [Digital Forensic Investigator](defender/digital-forensic-investigator.md)
* Malware Analyst
* Incident Responder

## BUILDER

* Information Security Analyst
* Source Code Auditor
* Security Engineer
* DevSecOps Engineer

## POLICY

* Data Privacy Officer
* Chief Information Security Officer
* Chief Security Officer

## Other

* SCADA Security Specialist

--------------------------------------------------------------------------------
/attacker/adversarial-engineer.md:
--------------------------------------------------------------------------------

# Summary

Adversarial Engineering, also known as a Red Team Exercise, performs adversarial threat simulation activities and simulates the realistic conditions of an attack by a live adversary. Adversarial engineers develop scenarios or replicate the TTPs of real threat actors.

# Hard Skills

- Familiarity with industry standards such as MITRE ATT&CK.
- Familiarity with the Cyber Kill Chain.
- Experience in binary exploitation.
- Experience in web application development and system administration.
- Understanding of OPSEC (operational security) and covert operations.
- Able to read threat intelligence reports and extract the key techniques used by threat actors.
- Able to develop payloads, scripts, and tools that weaponize new concepts for execution, evasion, lateral movement, and persistence.
- Able to simulate/emulate Tactics, Techniques, and Procedures (TTPs).
- Experience with post-exploitation tools.

# Soft Skills

- Ability to clearly articulate complex concepts (both written and verbally).
- Ability to think outside the box and emulate adversarial approaches.

# Tools

Some tools that should be mastered:
- Command & Control: CobaltStrike / Havoc / NightHawk
- Redirectors: AWS Lambda, Azure Function, GCP Cloud Functions
- Phishing kit: Gophish + evilginx2

# Certification

- eLearnSecurity Certified Penetration Tester eXtreme (eCPTX)
- eLearnSecurity Web-app Penetration Tester eXtreme (eWPTX)
- Offensive Security Exploit Developer (OSED)
- Offensive Security Experienced Pentester (OSEP)

--------------------------------------------------------------------------------
/attacker/exploit-developer.md:
--------------------------------------------------------------------------------

# Summary

In cyber security, an exploit is software, a script, a chunk of data, or a sequence of commands that takes advantage of a vulnerability to alter the behavior of a target.

An exploit developer researches vulnerabilities by finding and abusing them to gain an advantage, ranging from disclosing information to taking over the target.

# Hard Skills

- Understanding of low-level code (assembly), processor architectures (x86, ARM, etc.), and memory models (stack, heap).
- Understanding of memory corruption concepts.
- Understanding of modern security mitigations (stack cookies, SafeSEH, DEP, ASLR, CFG, etc.) and how to bypass them.
- Understanding of OS internals and low-level components.
- Experience in reverse engineering.
- Experience in binary analysis (fuzzing, debugging, instrumentation).
- Experience in system emulation.
- Experience in system programming (C/C++).

# Soft Skills

- Ability to learn enough of a language or technology to analyze it in the context of a vulnerability.

# Tools

Some tools that should be mastered:
- Debugger: gdb, windbg
- IDA / Ghidra
- Fuzzer: AFL, ClusterFuzz
- Metasploit

# Certification

- eLearnSecurity Certified eXploit Developer (eCXD)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- Mosse Vulnerability Researcher and Exploitation (MVRE)
- Offensive Security Exploit Developer (OSED)

--------------------------------------------------------------------------------
/attacker/pentester-mobile-app.md:
--------------------------------------------------------------------------------

# Summary

A Penetration Test, also known as a pentest, is an authorized simulated cyber attack against a system or part of a system. It is performed to evaluate the security of the system within a limited view and scope.

Mobile App Pentest is a specific branch that focuses on mobile applications (Android, iOS) and their supporting environment.

# Hard Skills

- Knowledge of the OWASP Mobile Security Testing Guide.
- Familiarity with industry standards such as CVE, CVSS, CWE, CAPEC.
- Familiarity with reverse engineering (mobile applications).
- Experience with Android or iOS security mechanisms.
- Experience with REST APIs or SOAP for intercommunication.
- Able to analyze, test, and debug applications.
- Understanding of common protections (jailbreak detection, SSL pinning) and how to bypass them.

# Soft Skills

- Excellent presentation and communication skills to effectively communicate with managers and customers.
- Ability to clearly articulate complex concepts (both written and verbally).

# Tools

Some tools that should be mastered:
- Binary Analysis: IDA, Ghidra
- Burp Suite / OWASP ZAP
- Frida / Magisk

Also some useful sites:
- [exploit-db](https://www.exploit-db.com/) | [Google Hacking DB](https://www.exploit-db.com/google-hacking-database)
- [sploitus](https://sploitus.com/)
- [Packet Storm Security](https://packetstormsecurity.com/)

# Certification

- eLearnSecurity Mobile Application Penetration Tester (eMAPT)
- GIAC Mobile Device Security Analyst (GMOB)

--------------------------------------------------------------------------------
/attacker/pentester-network.md:
--------------------------------------------------------------------------------

# Summary

A Penetration Test, also known as a pentest, is an authorized simulated cyber attack against a system or part of a system. It is performed to evaluate the security of the system within a limited view and scope.

Network Pentest is a specific branch that deals with the assessment of network devices, servers, and connected appliances.

# Hard Skills

- Understanding of networking concepts, routing, and data encapsulation.
- Familiarity with industry standards such as CVE, CVSS, CWE, CAPEC.
- Able to identify and map targets across a network.
- Basic to intermediate working knowledge of Unix, Linux, Windows, network devices, and firewalls.
- Able to code in at least one scripting language: Bash, Ruby, Python.
- Strong analytical mind for analysing and verifying findings from security tools.
- Passion for exploring new technologies and learning new techniques/tools to circumvent security controls.

# Soft Skills

- Excellent presentation and communication skills to effectively communicate with managers and customers.
- Ability to clearly articulate complex concepts (both written and verbally).

# Tools

Some tools that should be mastered:
- Vulnerability Scanner: Nessus / OpenVAS / Acunetix
- Nmap
- Wireshark
- Scapy
- Ettercap / bettercap
- Metasploit
- Burp Suite / OWASP ZAP

Also some useful sites:
- [exploit-db](https://www.exploit-db.com/) | [Google Hacking DB](https://www.exploit-db.com/google-hacking-database)
- [sploitus](https://sploitus.com/)
- [Packet Storm Security](https://packetstormsecurity.com/)

# Certification

- Certified Ethical Hacker (CEH)
- eLearnSecurity Junior Penetration Tester (eJPT)
- GIAC Penetration Tester (GPEN)
- Offensive Security Certified Professional (OSCP)
- Practical Network Penetration Tester (PNPT)

--------------------------------------------------------------------------------
/attacker/pentester-web.md:
--------------------------------------------------------------------------------

# Summary

A Penetration Test, also known as a pentest, is an authorized simulated cyber attack against a system or part of a system. It is performed to evaluate the security of the system within a limited view and scope.

Web Pentest is a specific branch that focuses on web technology (applications, services).

# Hard Skills

- Knowledge of the OWASP Security Testing Guide.
- Familiarity with industry standards such as CVE, CVSS, CWE, CAPEC.
- Knowledge of web technologies and web application development.
- Familiarity with the systems or technologies used to host web applications (Java, .NET, Apache HTTPD, etc.).
- Familiarity with HTTP requests and responses.
- Experience with REST APIs or SOAP for intercommunication.
- Experience in data storage/access using SQL, NoSQL, XPath, etc.
- Able to code in at least one scripting language: Bash, Ruby, Python.

# Soft Skills

- Excellent presentation and communication skills to effectively communicate with managers and customers.
- Ability to clearly articulate complex concepts (both written and verbally).

# Tools

Some tools that should be mastered:
- Burp Suite / OWASP ZAP
- Postman / Swagger
- Sqlmap

Also some useful sites:
- [exploit-db](https://www.exploit-db.com/) | [Google Hacking DB](https://www.exploit-db.com/google-hacking-database)
- [sploitus](https://sploitus.com/)
- [Packet Storm Security](https://packetstormsecurity.com/)

# Certification

- eLearnSecurity Web-app Penetration Tester (eWPT)
- eLearnSecurity Web-app Penetration Tester eXtreme (eWPTX)
- GIAC Web Application Penetration Tester (GWAPT)
- Offensive Security Web Expert (OSWE)

--------------------------------------------------------------------------------
/defender/digital-forensic-investigator.md:
--------------------------------------------------------------------------------

# Summary

A `Digital Forensic Investigator` is a professional who specializes in collecting, processing, preserving, and analyzing digital evidence in order to investigate cyber crime and other types of digital incidents.

# Hard Skills

- Experience with SOC/NOC operations.
- Familiarity with the Cyber Kill Chain and MITRE ATT&CK TTPs.
- Understanding of operating system internals (Windows, Linux, and Mac OS).
- Understanding of forensic imaging techniques.
- Knowledge of security-related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, network packet analyzers, enterprise-level appliances.
- Understanding of IOCs and the ability to find them.
- Able to perform log analysis.
- Knowledge of host and network log sources.
- Experience in a common scripting language (bash, python, powershell) to parse logs and automate tasks.

# Soft Skills

- Strong critical thinking skills.
- Strong interpersonal skills with the ability to communicate technical issues to non-technical staff.
- Creating brief presentations.
- Writing summary reports.

# Tools

- FTK Imager
- OS Forensics
- Autopsy
- Registry Explorer
- Timeline Explorer
- APT Hunter
- Cedarpelta
- Arsenal Image Mounter
- KAPE

# Certification

- Digital Forensic Essentials (DFE)
- Computer Hacking Forensics Investigator (CHFI)
- eLearnSecurity Certified Digital Forensics Professional (eCDFP)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Network Forensic Analyst (GNFA)

--------------------------------------------------------------------------------
/defender/threat-hunter.md:
--------------------------------------------------------------------------------

# Summary

A Threat Hunter hunts for cyber threats in the network and identifies any indicators of breach or compromise.

# Hard Skills

- Understanding of Windows Active Directory, file systems, registry functions, processes, and services.
- Understanding of Linux file systems, processes, and services.
- Understanding of memory artifacts and how to acquire them.
- Understanding of common application-layer protocols (DNS, HTTP, SMB, etc.).
- Able to query SIEM utilities (Splunk, QRadar, Elastic).
- Able to analyze logs from applications, services, and machines.
- Familiarity with automation.
- Able to extract network traffic metadata and analyze it using common packet capture utilities.
- Knowledge of APT (Advanced Persistent Threat) actors and their associated tools and TTPs (tactics, techniques, and procedures).
- Experience working with threat intelligence data, threat taxonomies, models, and IOCs (indicators of compromise).
- Understanding of MITRE ATT&CK.
- Experience with one or more scripting languages: PowerShell, Python, etc.

# Soft Skills

- Strong critical thinking skills.
- Strong interpersonal skills with the ability to communicate technical issues to non-technical staff.

# Tools

Open source tools:
- wireshark, tcpdump
- Bro/Zeek
- Snort
- Suricata

Commercial tools:
- SIEM: QRadar, Splunk

# Certification

- eLearnSecurity Certified Threat Hunting Professional (eCTHP)
- GIAC Cyber Threat Intelligence (GCTI)
- Mosse Threat Hunter (MTH)

--------------------------------------------------------------------------------
/mind-map.png:
--------------------------------------------------------------------------------

https://raw.githubusercontent.com/ArchonLabs/roadmaps/2a166ffe029faab8feeb305b8883f54b78a827e5/mind-map.png

--------------------------------------------------------------------------------