1. Network Security
   • Understand TCP/IP, HTTP/HTTPS, DNS
   • Learn about firewalls, VPNs, IDS/IPS
2. Web Application Security
   • XSS, SQL Injection, CSRF, Authentication flaws
   • OWASP Top 10 is your best friend
3. Malware & Threat Analysis
   • Ransomware, Trojans, Worms, Spyware
   • Learn how malware behaves and spreads
4. Social Engineering
   • Phishing, Spear phishing, Pretexting, Vishing
   • Humans are often the weakest link
5. Cybersecurity Tools & Practices
   • Wireshark (sniffing packets), Nmap (scanning), Metasploit (testing exploits)
   • Basics of Linux command line and Bash scripting

2. How to Study Efficiently

• Focus on modern and widely used attacks (phishing, ransomware, XSS, SQLi, DDoS, MITM).
• Understand behavior, not just names (e.g., worms replicate themselves, trojans disguise as apps).
• Practice in safe lab environments:
  • Try Kali Linux, TryHackMe, Hack The Box
  • Set up virtual machines to test attacks safely
• Learn defensive techniques: firewalls, VPN, encryption, policies

3. Career Tip

• Your web dev experience is valuable → cybersecurity roles love devs who understand how code and apps work.
• You can start with:
  • Security Analyst / SOC Analyst → monitor and respond to threats
  • Penetration Tester / Ethical Hacker → simulate attacks
  • Application Security Engineer → secure web apps and APIs

1. Check open ports on your PC:
   • Windows: netstat -a
   • Linux: sudo netstat -tuln
2. Optional: Try connecting to SSH or HTTP on your router if allowed.