What is the RFS Cyber Roadmap?

The RFS Cyber Roadmap is a comprehensive, structured learning path for cybersecurity professionals. It covers 14 specialized domains from foundation level to expert level, including Active Directory Security, Cloud Security, IoT Security, Malware Analysis, and more.

RFS is a Security Researcher specializing in Unified Communications Security, SIGINT (Signals Intelligence), and cybersecurity education. With expertise in Nokia systems, VoIP security, and modern attack techniques.

What certifications are covered?

The roadmap covers major cybersecurity certifications including eJPT, eCPPTv2, CRTP, ADCS CESP, OSCP, CISSP, CISM, and specialized certifications for cloud security, mobile security, and incident response.

Pentest Cyber Roadmap

Your comprehensive guide to mastering penetration testing and red team operations

Curated by RFS - Security Researcher

About RFS

Security Researcher in Unified Communications, Signals Intelligence, and Red Team Operations

Certifications & Expertise:

eJPT

eCPPTv2

CRTP

ADCS CESP

HTB DANTE

HTB Cybernetics

Fortinet NS1/NS2

CCNA

IMS/SIP/VoLTE

Nokia Systems

Partners & Resources

🔐 pentesting.pt 🚀 poplab.agency 📚 popdocs.net

Intermediate

🔄 CI/CD Security

Advanced

Pipeline Security Fundamentals
Secrets Management & OIDC
Container & Image Security
Security Testing Integration (SAST/DAST/SCA)
Infrastructure as Code Security
Supply Chain Attack Prevention
Pipeline Monitoring & Detection
Incident Response & Recovery
CI/CD Security Lab
GitHub Actions Security

🔧 GitHub Actions Security

Advanced

GitHub Actions Architecture
Workflow Security & Permissions
Workflow Injection Prevention
Secrets Management & OIDC
Action Hardening & Pinning
Supply Chain Security
Runner Security & Isolation
Monitoring & Compliance
CI/CD Security Roadmap

📅 Learning Timeline

Months 1-3: Foundation Building

Master networking fundamentals, Linux/Windows basics, and core security concepts. Begin with eJPT preparation.

Months 4-6: Web Security Focus

Deep dive into web application security, OWASP Top 10, and manual testing techniques.

Months 7-12: Advanced Exploitation

System exploitation, Active Directory attacks, and eCPPTv2 certification preparation.

Year 2: Specialization

Focus on unified communications, red team operations, and SIGINT capabilities. Pursue CRTP and specialized certifications.

Year 3+: Expert Level

Advanced red team techniques, custom tool development, and research in emerging technologies.

📋 Content Index

Comprehensive resources and materials organized by skill level and domain:

Quick Internal Links

All Levels

CI/CD Security · GitHub Actions Security · AD Modules · Recon Modules · CI/CD Lab

Network Security Fundamentals

Beginner

Essential networking concepts, protocols, and security principles for penetration testing.

Web Application Testing Guide

Intermediate

Complete methodology for web application security assessment and vulnerability exploitation.

Active Directory Attack Vectors

Advanced

Comprehensive guide to AD enumeration, exploitation, and post-exploitation techniques.

Red Team Playbooks

Expert

Tactical guides for red team operations, C2 deployment, and persistence mechanisms.

Unified Communications Security

Expert

Specialized content on VoIP, SIP, IMS, and telecommunications security testing.

SIGINT & RF Analysis

Expert

Signal intelligence gathering, RF analysis, and wireless protocol interception techniques.

Pentest Cyber Roadmap

About RFS

Certifications & Expertise:

Partners & Resources

🛣️ RFS Pentesting & Red Team Roadmap

📚 Foundation Level

🔍 Reconnaissance & Enumeration

🌐 Web Application Security

💻 System Exploitation

🏢 Active Directory Security

📞 Unified Communications Security

🎭 Red Team Operations

🔬 Signals Intelligence (SIGINT)

☁️ Cloud Security

🔌 IoT Security

🦠 Malware Analysis

🚨 Incident Response

📱 Mobile Security

📋 Compliance & Governance

☁️ AWS Security

🔵 Azure Security

🤖 AI Security

🏛️ Enterprise Security Architecture

🔒 DevSecOps

🔐 IAM Security

🔒 Application Security

🖥️ Virtualization Security

🐧 Linux Security

🆓 FreeBSD Security

🛡️ Vulnerability Manager

🔄 CI/CD Security

🔧 GitHub Actions Security

📅 Learning Timeline

Months 1-3: Foundation Building

Months 4-6: Web Security Focus

Months 7-12: Advanced Exploitation

Year 2: Specialization

Year 3+: Expert Level

📋 Content Index

Quick Internal Links

Network Security Fundamentals

Web Application Testing Guide

Active Directory Attack Vectors

Red Team Playbooks

Unified Communications Security

SIGINT & RF Analysis

Tools & Resources

Certification Prep Materials

Lab Environments & CTFs

CI/CD Security Lab

📧 Stay Updated with Cyber Roadmaps

Weekly Insights

Roadmap Updates

Privacy First

💚 Support This Free Resource

🎓 TryHackMe

🚀 HackTheBox

☁️ Digital Ocean

🏆 INE Training

📄 VisualCV