Web Security Roadmap
Programming
Programming is a crucial skill in the cybersecurity field, enabling professionals to create and automate tools for tasks like penetration testing and vulnerability scanning. Some important programming languages to learn for cybersecurity include:
- Python: Widely used for scripting and automation.
- Web languages like HTML, CSS, JavaScript, and PHP: Essential for understanding web applications and web-based attacks.
Network+
Network+ certification validates essential knowledge and skills needed to confidently design, configure, manage, and troubleshoot wired and wireless networks.
Linux+
Linux+ is a certification that validates competencies required of an early career system administrator supporting Linux systems.
eJPT
eJPT stands for eLearnSecurity Junior Penetration Tester. It is an entry-level certification teaching students how to perform penetration testing.
eWPT
eWPT stands for eLearnSecurity Web Application Penetration Tester. It focuses on teaching students how to perform penetration testing on web applications.
eWPTXv2
eWPTXv2 stands for eLearnSecurity Web Application Penetration Tester eXtreme version 2. It is an advanced certification teaching students how to perform penetration testing on advanced web applications and RESTful APIs.
APIsec
APIsec is a certification teaching students how to identify, assess, and mitigate security risks in APIs (Application Programming Interfaces).
Resources
Programming
Network+
Linux+
eJPT
eWAPT, eWAPTX
- Free study material on YouTube
- Notes available on LinkedIn
APIsec
Practice Hacking
- OverTheWire Bandit (Linux)
- PortSwigger (eWAPT)(eWPTX)
- picoCTF (Network)(Linux)(eJPT)(etc)
- TryHackMe (Network)(Linux)(eJPT)(etc)
- Hack The Box (Network)(Linux)(eJPT)(etc)
- root-me (Network)(Linux)(eJPT)(etc)
Note Taking
- Obsidian (Great for the long run, and linking knowledge)
- Notion (Great for sharing, and all devices synchronization)
Conclusion
The cybersecurity field is challenging and rewarding, requiring a strong foundation of knowledge and skills. The roadmap provides options for achieving this foundation, including certifications like Network+, Linux+, eJPT, and APIsec, along with programming and web language skills. Continuous learning and staying updated with industry developments are essential for success in this field.