Great, Haseeb!

Since you already have CCNA-level networking knowledge, I'll skip beginner
networking and focus on building your cybersecurity path step-by-step — in the right order.

This list is designed to help you build a strong base, then move toward practical labs, and finally
get ready for certifications like CEH, Security+ or VAPT.

🧭 Cybersecurity Learning Path (Step-by-Step for Beginners)

✅ Phase 0: System Setup (Before You Start Learning)

Set up your lab environment:

 Install VirtualBox or VMware Workstation

 Download & install:

o Kali Linux VM 🐱‍💻

o Windows 10 VM

 Create a folder for your notes and commands

🔹 Phase 1: Foundation Layer (Essentials you must know)

📘 Week 1: Linux Basics

 Linux file system

 File permissions (chmod, chown)

 Users and groups

 Useful commands: ls, grep, find, nano, vi, top, sudo, etc.

📘 Week 2: Windows Basics

 Windows file structure

 Users, groups, permissions (NTFS)

 Task Manager, Services, Registry, Event Viewer

 CMD vs PowerShell (basic commands)

🧠 Review the security side of what you learned in CCNA.

📘 Week 3: Network Security Concepts

 OSI vs TCP/IP Models (quick refresh)

 TCP/UDP ports (FTP, SSH, DNS, HTTP, HTTPS, RDP, etc.)

 IP, MAC, NAT, DHCP, DNS

 VLANs, ACLs, Firewalls, DMZs

 Wireshark – packet capturing and analysis

🔹 Phase 3: Security Fundamentals

📘 Week 4: Cybersecurity Concepts

 CIA Triad (Confidentiality, Integrity, Availability)

 Threats vs Vulnerabilities vs Risks

 Types of Attacks (Brute force, DDoS, Man-in-the-Middle, etc.)

 Malware types (virus, trojan, worm, ransomware)

📘 Week 5: Cryptography Basics

 Symmetric vs Asymmetric Encryption

 Hashing: MD5, SHA, bcrypt

 Digital Signatures & Certificates (SSL/TLS)

 HTTPS & Certificates

🔹 Phase 4: Tools and Techniques (Hands-on Focus)

📘 Week 6: Nmap & Enumeration

 Nmap scan types: SYN, UDP, Version Detection

 Service and OS fingerprinting

 Basic nmap scripts

 OWASP Top 10

 SQL Injection, XSS, CSRF

 Practice on TryHackMe:

o OWASP Top 10 Room

o Web Fundamentals

🔹 Phase 5: System Hacking & Exploitation

📘 Week 8: Password Cracking

 John the Ripper / Hashcat basics

 Common hash types: MD5, SHA1, NTLM

📘 Week 9: Privilege Escalation

 Linux PrivEsc Basics

 Windows PrivEsc Basics

 Tools: linpeas, winpeas, sudo, schtasks, services

🔹 Phase 6: Defensive Security (Blue Team Basics)

📘 Week 10: Defense Concepts

 Firewalls, IDS/IPS

 Antivirus/EDR

 Logging & Monitoring

 Event log analysis (Windows)

📘 Week 11: Incident Response

 What is IR? Stages: Detect, Contain, Eradicate, Recover

 Basic forensics: file recovery, log analysis

 SIEM introduction (like Splunk or ELK)

📘 Week 12+: Real World Practice

 Daily labs on TryHackMe (recommend: “Jr Penetration Tester” path)

 TryHackMe Blue Team labs (e.g., SOC Level 1, Incident Response)

 HackTheBox machines (easy level)

🎓 Optional: Certification Ready?

You can now choose:

Cert Focus When to Start

Security+ Defensive security, theory-heavy After Phase 3 or 4

CEH Offensive security (theory + tools) After Phase 5

eJPT Practical, better than CEH for beginners After Phase 5

VAPT Practical Pentesting After Phase 6

🧰 Suggested Tools to Learn Along the Way:

 nmap, netcat, Wireshark

 Metasploit, Burp Suite

 Nikto, Gobuster, Dirb

 John, Hashcat

 Linux command line, PowerShell

Perfect, Haseeb! Here's your step-by-step cybersecurity learning path with the best YouTube
resources for each topic. This will help you stay focused, avoid wasting time, and get hands-on
knowledge quickly.
🧠 Cybersecurity Learning Path with 🔗 YouTube Resources

✅ CCNA Knowledge: Assumed Complete

💻 Goal: Prepare for CEH / Security+ / VAPT with solid hands-on foundation

✅ Phase 0: Lab Setup (Must Do Before Everything)

Set up your practice environment (VMs)

Topic Resource

How to Install Kali Linux VM 🔗 NetworkChuck – Kali Linux Install Tutorial

How to Install Windows 10 VM 🔗 David Bombal – Setup Windows VM

VirtualBox / VMware Basics 🔗 NetworkChuck – VirtualBox Guide

🔹 Phase 1: Linux & Windows Basics

📘 Week 1: Linux

Topic Resource

Linux Terminal for Beginners 🔗 The Cyber Mentor – Linux for Hackers

Linux Permissions 🔗 NetworkChuck – Linux File Permissions

📘 Week 2: Windows

Topic Resource

Windows Basics 🔗 David Bombal – Windows for Hackers

PowerShell Basics 🔗 NetworkChuck – PowerShell Crash Course

🔹 Phase 2: Networking (Security Focused)

📘 Week 3: Network Security Concepts

Topic Resource

TCP/IP & Ports Explained 🔗 NetworkChuck – TCP/IP Explained

Wireshark Tutorial 🔗 David Bombal – Wireshark Full Course

Nmap Basics 🔗 NetworkChuck – Nmap Hacking

🔹 Phase 3: Core Cybersecurity Concepts

📘 Week 4: Security Basics

Topic Resource

What is Cybersecurity 🔗 Simplilearn – Cybersecurity Full Course

Malware Types 🔗 CBT Nuggets – Malware Explained

CIA Triad 🔗 CBT Nuggets – CIA Explained

📘 Week 5: Cryptography

Topic Resource

Encryption, Hashing, SSL 🔗 NetworkChuck – Encryption Explained

Hashing and Cracking 🔗 Null Byte – Crack Passwords with Hashcat

🔹 Phase 4: Tools & Reconnaissance

📘 Week 6: Scanning & Enumeration

Topic Resource

Nmap Advanced 🔗 HackerSploit – Nmap Full Course

Recon Tools (whois, dig, netcat) 🔗 The Cyber Mentor – OSINT & Recon

📘 Week 7: Web App Security (OWASP)

Topic Resource

OWASP Top 10 🔗 STÖK – Web Hacking Guide

Burp Suite Basics 🔗 The Cyber Mentor – Burp Suite Guide

📘 Week 8: Password Cracking

Topic Resource

John the Ripper Tutorial 🔗 Null Byte – Crack Passwords

Hashcat Basics 🔗 InsiderPhD – Hashcat Beginner Guide

📘 Week 9: Privilege Escalation

Topic Resource

Linux PrivEsc 🔗 The Cyber Mentor – Linux PrivEsc

Windows PrivEsc 🔗 IppSec – Windows PrivEsc Walkthroughs

🔹 Phase 6: Blue Team & Defense

📘 Week 10–11: Defensive Security

Topic Resource

Introduction to Blue Team 🔗 John Hammond – Blue Team Start Here

SIEM (Splunk, ELK) 🔗 HackerSploit – ELK Stack Tutorial

Incident Response 🔗 David Bombal – IR Basics

🎯 Phase 7: Practice Platforms (Start Any Time)

Platform Focus Link

TryHackMe Beginner to Advanced Labs 🔗 [Link]

HackTheBox Realistic Hacking 🔗 [Link]

OverTheWire Linux + CTF 🔗 [Link]

RangeForce Blue Team/SOC 🔗 [Link]

🏁 Optional Certifications (Once you're ready)

CompTIA Security+ 🔗 Professor Messer – Security+ Full Playlist

CEH 🔗 Simplilearn – CEH Full Course

eJPT 🔗 TCM Security – eJPT Prep

Would you like this as a downloadable PDF or checklist version? I can create that for you too.