My name is Mulualem Darimo. I am a Computer Science graduate pursuing an MSc in Economics & Finance in Poznań, Poland.
I am documenting my entire cybersecurity learning journey — every note, every resource, every mistake — so that anyone in the world can follow the same path for free.
If you are starting from zero, welcome. So did I.
"I lost everything once. I rebuilt by learning. Now I share everything so others don't have to start from scratch."
- ✅ Learn cybersecurity from the ground up
- ✅ Earn the top certifications in the industry
- ✅ Document everything in plain, simple language
- ✅ Share all resources 100% free
- ✅ Help others break into cybersecurity without paying for expensive courses
This is the order I am studying. Each level builds on the previous one.
LEVEL 1 — FOUNDATIONS (Start Here)
├── Google Cybersecurity Certificate
├── Cisco Introduction to Cybersecurity
└── CompTIA IT Fundamentals (ITF+)
LEVEL 2 — CORE CERTIFICATIONS
├── CompTIA Security+ ← I am here right now
├── CompTIA Network+
└── (ISC)² CC — Certified in Cybersecurity
LEVEL 3 — SPECIALIST CERTIFICATIONS
├── CompTIA CySA+ (Cybersecurity Analyst)
├── CEH — Certified Ethical Hacker
└── CISM — Certified Information Security Manager
LEVEL 4 — ADVANCED (Future Goals)
├── CISSP — Certified Information Systems Security Professional
├── OSCP — Offensive Security Certified Professional
└── CISA — Certified Information Systems Auditor
cybersecurity-learning-journey/
│
├── 📂 00-foundations/
│ ├── 📂 google-cybersecurity-certificate/
│ │ ├── README.md ← What this cert is about
│ │ ├── notes/ ← My notes explained simply
│ │ ├── resources.md ← Free study links
│ │ └── certificate.md ← How to get it free
│ │
│ ├── 📂 cisco-intro-cybersecurity/
│ │ ├── README.md
│ │ ├── notes/
│ │ └── resources.md
│ │
│ └── 📂 core-concepts/
│ ├── what-is-cybersecurity.md
│ ├── cia-triad.md
│ ├── types-of-attacks.md
│ └── how-the-internet-works.md
│
├── 📂 01-comptia-security-plus/
│ ├── README.md ← Start here
│ ├── study-plan.md ← 90-day plan
│ ├── 📂 domain-1-threats/
│ │ ├── notes.md
│ │ └── practice-questions.md
│ ├── 📂 domain-2-architecture/
│ ├── 📂 domain-3-implementation/
│ ├── 📂 domain-4-operations/
│ ├── 📂 domain-5-governance/
│ ├── resources.md
│ └── exam-tips.md
│
├── 📂 02-comptia-network-plus/
│ ├── README.md
│ ├── notes/
│ └── resources.md
│
├── 📂 03-isc2-cc/
│ ├── README.md
│ ├── notes/
│ └── resources.md
│
├── 📂 04-comptia-cysa-plus/
│ ├── README.md
│ ├── notes/
│ └── resources.md
│
├── 📂 05-ceh/
│ ├── README.md
│ ├── notes/
│ └── resources.md
│
├── 📂 06-cissp/
│ ├── README.md
│ ├── notes/
│ └── resources.md
│
├── 📂 07-fraud-and-aml/
│ ├── README.md
│ ├── what-is-aml.md
│ ├── kyc-explained.md
│ ├── fraud-typologies.md
│ ├── transaction-monitoring.md
│ └── resources.md
│
├── 📂 08-web3-blockchain-security/
│ ├── README.md
│ ├── smart-contract-security.md
│ ├── wallet-security.md
│ ├── defi-risks.md
│ └── resources.md
│
├── 📂 09-practice-labs/
│ ├── README.md
│ ├── tryhackme-writeups/
│ ├── hackthebox-writeups/
│ └── tools/
│
├── 📂 10-free-resources/
│ ├── README.md ← Master list of everything free
│ ├── youtube-channels.md
│ ├── free-courses.md
│ ├── free-practice-sites.md
│ ├── free-books.md
│ └── communities.md
│
├── 📂 11-interview-prep/
│ ├── README.md
│ ├── common-questions.md
│ ├── aml-kyc-questions.md
│ ├── grc-questions.md
│ ├── soc-questions.md
│ └── my-answers.md
│
└── 📂 12-my-progress/
├── README.md
├── monthly-updates.md ← My monthly progress logs
├── certifications-earned.md
└── lessons-learned.md
🎯 Target exam date: Q3 2025
Think of it like a driving licence for cybersecurity. Before you can drive a car, you need to pass a test that proves you know the basic rules. Security+ is that test for cybersecurity. Most companies won't hire you as a security analyst without it.
| Domain | What it means in simple English | Weight |
|---|---|---|
| 1. Threats, Attacks & Vulnerabilities | Learning how hackers think and what they do | 24% |
| 2. Architecture & Design | How to build secure systems | 21% |
| 3. Implementation | Setting up security tools properly | 25% |
| 4. Operations & Incident Response | What to do when something goes wrong | 16% |
| 5. Governance, Risk & Compliance | Rules, laws, and policies | 14% |
- 📺 Professor Messer — professormesser.com — Best free video course. Watch every video.
- 📝 Jason Dion Practice Tests — Available on Udemy for ~40 PLN on sale
- 🎮 TryHackMe — tryhackme.com — Learn by doing, free tier available
- 📖 CompTIA Study Guide PDF — Free on the CompTIA website
| Channel | What You Learn |
|---|---|
| Professor Messer | CompTIA certifications |
| NetworkChuck | Networking and hacking basics |
| John Hammond | Practical hacking and CTF |
| David Bombal | Networking deep dives |
| The Cyber Mentor | Ethical hacking from scratch |
| Simply Cyber | Daily cybersecurity news |
| Platform | What It Offers |
|---|---|
| TryHackMe | Hands-on labs, beginner friendly |
| Hack The Box | Advanced practical labs |
| Cybrary | Free certification courses |
| SANS Cyber Aces | Free fundamentals |
| Coursera | Google cert (apply for financial aid) |
| Cisco NetAcad | Free Cisco cybersecurity courses |
| ISC2 CC | Free entry level certification |
| Site | Purpose |
|---|---|
| PicoCTF | Beginner CTF challenges |
| OverTheWire | Linux and security wargames |
| VulnHub | Download vulnerable VMs |
| OWASP WebGoat | Web security practice |
Imagine your house has doors, windows, and a safe. Cybersecurity is like being the person who makes sure all the doors are locked, the windows have bars, and the safe has a strong combination. Except instead of a house — it's a computer system. And instead of burglars — it's hackers.
Three words every security person must know:
- C = Confidentiality — Only the right people can see the information (like a secret diary with a lock)
- I = Integrity — The information hasn't been changed by someone who shouldn't (like making sure nobody edited your homework)
- A = Availability — The information is there when you need it (like making sure the library is open when you want to study)
A firewall is like a security guard at the door of a building. Every person (data packet) that wants to enter or leave must be checked. If they're on the approved list — they get in. If not — blocked.
Imagine you write a secret message to a friend but you replace every letter with a number only you both know. Even if someone steals the message they can't read it without the key. That's encryption.
A hacker sends you an email pretending to be your bank saying "Your account has been locked, click here to fix it." The link goes to a fake website that steals your password. That's phishing — fishing for your information using fake bait.
AML stands for Anti-Money Laundering. Imagine a criminal earns money illegally and wants to make it look legal. They put it through many banks and businesses to "clean" it — like washing dirty clothes. AML is the system banks use to detect and stop this.
KYC stands for Know Your Customer. Before a bank lets you open an account they ask: who are you? Show me your ID, your address, prove you are a real person with legitimate income. That verification process is KYC.
| Month | What I Studied | Completed |
|---|---|---|
| Sep 2024 | Blockchain Basics — Cyfrin Updraft | ✅ |
| Oct 2024 | Web3 Wallet Security — Cyfrin Updraft | ✅ |
| Nov 2024 | Solidity Smart Contracts — Cyfrin Updraft | ✅ |
| Dec 2024 | ZKP Fundamentals — Cyfrin Updraft | ✅ |
| Jan 2025 | Cisco Intro to Cybersecurity I, II, III | ✅ |
| 2025 | CompTIA Security+ — In Progress | 🔄 |
- Start at 00-foundations if you are completely new
- Follow the roadmap in order — don't skip levels
- Read every README before starting a section
- Use only the free resources listed — you don't need to pay for anything
- Open an issue if you find a better free resource — I will add it
- Star this repo if it helped you — it motivates me to keep going
- 🔗 LinkedIn: linkedin.com/in/mulualemdarimo-2025621ba
- 🐙 GitHub: github.com/Muller-bit
- 📧 Email: [email protected]
Please star this repository and share it with anyone trying to break into cybersecurity. Everything here is free and always will be.
"The best way to learn is to teach. The best way to grow is to help others grow."
Last updated: May 2026 | Poznań, Poland 🇵🇱