FLOW BELAJAR CYBERSECURITY DARI NOL (Step-by-Step Sampai Mahir)
Roadmap ini terbagi menjadi 9 level, mulai dari dasar komputer sampai penetration testing tingkat lanjut dan karier profesional.
🟦 LEVEL 1 — Fondasi Komputer & Jaringan (Basic Skill)
Sebelum belajar hacking, kuasai dulu dasar-dasar berikut:
✔ Dasar Komputer
- CPU, RAM, storage, OS
- File system: NTFS, ext4
✔ Dasar Networking
Pelajari:
- OSI Layer (wajib)
- TCP/IP
- IP Addressing
- Subnetting
- Routing & Switching
- DNS, HTTP, HTTPS
- Firewall dasar
✔ Dasar Linux
- Command line (mkdir, ls, grep, chmod, systemctl)
- User & group
- Permission
- Install software via apt
âž¡ Target: Bisa mengoperasikan Linux & memahami jaringan.
🟧 LEVEL 2 — Pengantar Cybersecurity
Pelajari konsep inti keamanan:
Konsep Utama:
- CIA Triad (Confidentiality, Integrity, Availability)
- Threat, vulnerability, exploit
- Malware: virus, trojan, worm, ransomware
- Social engineering
- Zero-day
- Encryption dasar (AES, RSA, hashing)
âž¡ Target: Memahami cara kerja ancaman & proteksi.
🟥 LEVEL 3 — Instalasi Lab Cybersecurity (Virtual Lab)
Penting untuk belajar tanpa merusak komputer asli.
Tools yang dibutuhkan:
- VirtualBox / VMware
- Kali Linux
- Windows 10 VM
- Metasploitable 2 / DVWA
- OWASP Juice Shop
âž¡ Target: Memiliki lab hacking aman & legal.
🟨 LEVEL 4 — Belajar Tool Hacking Dasar
Mulai dari tools yang umum dipakai:
✔ 1. Nmap — Scanning & Reconnaissance
✔ 2. Wireshark — Packet Sniffer
✔ 3. Hydra — Brute Force Login
✔ 4. John The Ripper — Password Cracker
✔ 5. Burp Suite — Web Proxy Analisis
✔ 6. Aircrack-ng — WiFi Pentesting
✔ 7. Metasploit — Exploitation Framework
âž¡ Target: Menguasai dasar scanning, sniffing, bruteforce, dan exploit.
🟩 LEVEL 5 — Belajar Web Hacking (Paling Banyak Dipakai)
Pelajari OWASP Top 10:
- SQL Injection
- Broken Authentication
- Cross-Site Scripting (XSS)
- Insecure Direct Object Reference
- Security Misconfiguration
- Sensitive Data Exposure
- Broken Access Control
- CSRF
- Using Components with Known Vulnerabilities
- Insufficient Logging
Tools:
- Burpsuite
- SQLmap
- Nikto
- XSS-Payload list
âž¡ Target: Bisa melakukan pentest aplikasi web.
🟦 LEVEL 6 — Belajar Network Pentesting
Pelajari teknik:
- OS Enumeration
- Service Enumeration
- SMB Exploit
- SSH Attack
- MITM Attack
- ARP Spoofing
- Sniffing & Decrypting traffic
- Firewall bypass
- Pivoting / Tunneling
Tools: Nmap, Responder, Ettercap, MITMf, Metasploit.
âž¡ Target: Bisa mensimulasikan serangan jaringan lokal.
🟧 LEVEL 7 — Belajar Exploitation & Privilege Escalation
You must know:
- Linux Privilege Escalation
- Windows Privilege Escalation
- Kernel exploit
- SUID misconfiguration
- Token impersonation (Windows)
- Reverse shell & bind shell
- Payload generation (msfvenom)
âž¡ Target: Bisa mengambil kontrol penuh target (root/SYSTEM).
🟥 LEVEL 8 — Belajar Digital Forensics & Incident Response (Opsional)
Pelajari:
- Memory forensics
- Disk forensics
- Log analysis
- Malware analysis dasar
- SIEM tools (Splunk / Wazuh / Graylog)
âž¡ Target: Bisa menganalisis insiden keamanan.
🟩 LEVEL 9 — Persiapan Karier & Sertifikasi
Sertifikasi rekomendasi:
- CEH (Certified Ethical Hacker)
- Security+
- OSCP (Advanced)
- eJPT (pemula)
- CPTS (HTB)
- CCNA Security
Role karier:
- SOC Analyst
- Penetration Tester
- Network Security Engineer
- Application Security Engineer
- Bug Bounty Hunter
- Cyber Threat Analyst
âž¡ Target: Siap bekerja di bidang Cybersecurity.
🧠Rangkuman Flow Belajar Cybersecurity
| Level | Materi |
| 1 | Dasar komputer, jaringan, Linux |
| 2 | Konsep keamanan & ancaman |
| 3 | Buat lab hacking Virtual Machine |
| 4 | Belajar tools hacking dasar |
| 5 | Web hacking (OWASP) |
| 6 | Network pentesting |
| 7 | Privilege escalation |
| 8 | Forensics & IR |
| 9 | Sertifikasi & karier |
