ronitraj sinha // security & networks
Learning Roadmap

My path to security & network engineering

I don't want to just collect certifications and buzzwords. The goal is to become a security engineer who can reason about networks, understand attack patterns, build defensive tools, and work comfortably across the full stack when needed.

0–6 months (Current Focus)

Networking Fundamentals

Building a rock‑solid foundation in how networks actually move packets so security concepts sit on something real and tangible.

  • OSI & TCP/IP models, IP addressing, subnetting
  • Routing protocols, switching, VLANs
  • DNS, DHCP, HTTP/HTTPS and common application protocols
  • Hands‑on labs using packet captures and network tools

Core Security Fundamentals

Using platforms like TryHackMe to connect security theory with real attack paths and defensive thinking patterns.

  • Web exploitation basics: XSS, SQLi, CSRF, authentication bypass
  • Linux system fundamentals, permissions, basic hardening
  • Understanding logs, alerts and thinking like a blue‑team member
  • OWASP Top 10 vulnerabilities with hands‑on practice

Web Development for Security

Maintaining web dev skills because you can't secure what you don't understand how to build properly.

  • Secure coding patterns and input validation
  • Authentication & authorization best practices
  • Building security‑focused web utilities and tools
6–18 months (Next Phase)

Network & System Security

Moving deeper into how defenders monitor, harden and reason about production environments and live networks.

  • Firewall configuration, IDS/IPS systems
  • Network segmentation and secure architecture design
  • VPN technologies and secure remote access
  • Understanding common network attacks (ARP spoofing, MITM, DoS)
  • Log collection, SIEM basics and incident detection

Penetration Testing Basics

Understanding the offensive side to build better defenses and think like an attacker when evaluating systems.

  • Reconnaissance and information gathering techniques
  • Vulnerability scanning and exploitation frameworks
  • Post‑exploitation and privilege escalation
  • Writing clear, actionable security reports

Security‑Focused Projects

Building more tools that live at the intersection of security awareness, network defense and practical utility.

  • Network monitoring and visualization dashboards
  • Security awareness training tools
  • Automated threat detection utilities
  • Contributing to open‑source security projects

This roadmap evolves as I learn and build more — that's the whole point. My focus is always on practical skills that translate directly to real‑world security work. If you have suggestions or think I'm missing something important, I'm always open to feedback.