Week 1: Cybersecurity Foundations (Days 1–7)

📍 Day 1 – Introduction to Cybersecurity

• What is Cybersecurity? Why it matters
• CIA Triad: Confidentiality, Integrity, Availability
• Types of threats: malware, phishing, DoS, insider threats
  
  

📍 Day 2 – Types of Hackers + Cyber Laws

• White, Black, Grey Hat hackers
• Bug Bounty, Pen Testing
• Cyber laws (India/US/Global overview)
  
  

📍 Day 3 – Networking Basics for Security

• TCP/IP model, IP address, MAC, DNS, Ports
• Common protocols: HTTP, HTTPS, FTP, SSH
• Tools: Wireshark (packet sniffing basics)

📍 Day 4 – Operating Systems for Security

• Windows vs Linux security
• File systems, permissions, UAC
• Hands-on: Linux basics (Kali/Ubuntu)

📍 Day 5 – Malware & Threat Types

• Viruses, Worms, Ransomware, Trojans, Rootkits
• Indicators of Compromise (IoCs)
• Real-world attack case studies

📍 Day 6 – Firewalls & Antivirus

• Types of firewalls (host, network, cloud)
• Signature-based vs behavior-based detection
• Hands-on: Set up a basic firewall on Windows/Linux

📍 Day 7 – Virtualization & Lab Setup

• Use VirtualBox / VMware
• Install Kali Linux, Metasploitable, Windows VM
• Safe hacking lab creation

Week 2: Ethical Hacking & Tools (Days 8–14)

📍 Day 8 – Footprinting & Reconnaissance

• Passive vs active recon
• Whois, DNS lookup, Google dorking
• Tools: Recon-ng, Maltego

📍 Day 9 – Scanning & Enumeration

• Nmap basics: ping scan, port scan, version scan
• Banner grabbing, OS detection
• Vulnerability scanners: Nessus, OpenVAS

📍 Day 10 – Gaining Access (Exploitation Basics)

• Exploits, CVEs, Metasploit Framework
• Payloads & backdoors
• Hands-on: Use Metasploit to exploit known vulnerabilities

📍 Day 11 – Password Cracking

• Hashing vs encryption
• Tools: John the Ripper, Hydra, Hashcat
• Brute force, dictionary, rainbow tables

📍 Day 12 – Web Application Attacks

• OWASP Top 10: XSS, SQLi, CSRF, RFI
• Hands-on: DVWA (Damn Vulnerable Web App) walkthrough
• Burp Suite basics

📍 Day 13 – Wireless Attacks

• WiFi encryption: WEP, WPA, WPA2
• Tools: Aircrack-ng, Kismet
• Deauth attacks, packet sniffing

📍 Day 14 – Social Engineering

• Phishing, Pretexting, Baiting
• Email spoofing, malicious links
• Tools: SET (Social Engineering Toolkit)

Week 3: Defensive Security & Career Prep (Days 15–21)

📍 Day 15 – System Hardening

• Disabling unused services/ports
• Strong password policies
• Patch management & OS updates

📍 Day 16 – Logging & Monitoring

• SIEM tools: Splunk, ELK Stack, OSSEC
• Log analysis, anomaly detection
• Hands-on: Set up basic logging on Linux

📍 Day 17 – Incident Response

• Incident response lifecycle
• Containment, eradication, recovery
• Reporting and documentation

📍 Day 18 – Cryptography

• Symmetric vs Asymmetric
• SSL/TLS, HTTPS, Certificates
• Tools: OpenSSL, GPG

📍 Day 19 – Cloud & Mobile Security

• AWS/Azure security basics
• IAM, S3 bucket misconfigurations
• Android/iOS vulnerabilities

📍 Day 20 – Final Cyber Project

Choose one:

• Hack a vulnerable machine (TryHackMe, HackTheBox)
• Build a secure login system
• Simulate a phishing attack + defense

📍 Day 21 – Certifications & Career Guidance

• CEH, CompTIA Security+, OSCP
• How to start bug bounties
• Resume tips, portfolio, LinkedIn branding

🧰 Tools You’ll Use:

• 🐧 Kali Linux
• 📡 Nmap, Wireshark, Metasploit, Burp Suite
• 🔐 John the Ripper, Aircrack-ng, Hydra
• 🧪 DVWA, TryHackMe, HackTheBox
• 📂 VirtualBox / VMware for safe practice

🎓 After This Course:

• Launch a career in Cybersecurity, SOC, Pen Testing
• Ready for CEH or Security+ certification