Program ini dirancang untuk membentuk seorang Cyber Security Specialist dari level dasar hingga advanced. Materi mencakup networking, Linux, penetration testing, defensive security, cloud security, malware analysis, digital forensics, exploit development, hingga security operations.
Setiap modul memiliki:
Tujuan pembelajaran
Materi utama
Tools yang dipelajari
Praktik/lab
Target skill
LEVEL 1 — FUNDAMENTAL CYBER SECURITY
Modul 1 — Introduction to Cyber Security
Tujuan:
Memahami dunia keamanan siber secara menyeluruh.
Materi:
Pengertian cyber security
CIA Triad
Threat, Risk, Vulnerability
Jenis hacker
Red Team vs Blue Team vs Purple Team
Ethical Hacking
Cyber Kill Chain
MITRE ATT&CK Overview
Tools:
Kali Linux
ParrotOS Security
VirtualBox
VMware
Praktik:
Instalasi lab virtual hacking
Setup Kali Linux / ParrotOS Security
Target Skill:
Memahami ekosistem keamanan siber.
Modul 2 — Computer Networking
Materi:
OSI Layer
TCP/IP
Port & Protocol
DNS
DHCP
NAT
VPN
VLAN
Routing & Switching
IPv4 & IPv6
Tools:
Wireshark
Cisco Packet Tracer
Nmap
Praktik:
Analisa paket jaringan
Simulasi jaringan perusahaan
Target Skill:
Mampu memahami komunikasi jaringan.
Modul 3 — Linux for Security
Materi:
Linux filesystem
Bash command
User & Permission
SSH
Process management
Cronjob
Package management
Linux hardening
Tools:
Ubuntu
Kali Linux
Arch Linux
RHLinux
Praktik:
Hardening Linux server
Setup SSH secure
Target Skill:
Menguasai Linux untuk kebutuhan keamanan.
Modul 4 — Windows Security Fundamentals
Materi:
Windows architecture
Active Directory
Windows Defender
PowerShell
Windows privilege
Registry
Event Viewer
Windows hardening
Tools:
Windows Server
PowerShell
Sysinternals
Praktik:
Audit Windows security
Analisa event log
Target Skill:
Memahami keamanan sistem Windows.
Modul 5 — Programming for Security
Materi:
Python dasar
Bash scripting
PowerShell scripting
Automation
API interaction
Regex
Tools:
Python
VSCode
Git
Praktik:
Membuat port scanner
Membuat automation recon
Target Skill:
Mampu membuat tools sederhana.
LEVEL 2 — WEB & NETWORK SECURITY
Modul 6 — Web Technology Fundamentals
Materi:
HTTP/HTTPS
Cookie
Session
REST API
Frontend vs Backend
Database basics
Authentication
Tools:
Burp Suite
Postman
Praktik:
Intercept request
Analisa login flow
Target Skill:
Memahami cara kerja aplikasi web.
Modul 7 — Information Gathering & Reconnaissance
Materi:
Passive recon
Active recon
OSINT
DNS enumeration
Subdomain enumeration
Google dorking
Tools:
Amass
Subfinder
Whois
Shodan
theHarvester
Praktik:
Mapping target domain
Asset discovery
Target Skill:
Mampu melakukan reconnaissance.
Modul 8 — Network Scanning & Enumeration
Materi:
Port scanning
Service detection
Banner grabbing
SMB enumeration
SNMP enumeration
Enumeration methodology
Tools:
Nmap
Rustscan
Enum4linux
Netcat
Praktik:
Enumerasi server target
Target Skill:
Mampu menemukan attack surface.
Modul 9 — Web Application Security
Materi:
OWASP Top 10
Authentication flaws
Session vulnerabilities
Business logic flaw
API security
Tools:
Burp Suite
OWASP ZAP
Praktik:
Testing aplikasi vulnerable
Target Skill:
Memahami celah aplikasi web.
Modul 10 — SQL Injection
Materi:
SQL basics
Error-based SQLi
Blind SQLi
Time-based SQLi
WAF bypass
Tools:
SQLMap
Burp Suite
Praktik:
Eksploitasi lab SQL Injection
Target Skill:
Mampu mengidentifikasi dan memahami SQL Injection.
Modul 11 — Cross Site Scripting (XSS)
Materi:
Reflected XSS
Stored XSS
DOM XSS
Cookie stealing
CSP bypass
Tools:
Dalfox
XSStrike
Burp Suite
Praktik:
XSS exploitation lab
Target Skill:
Memahami serangan XSS.
Modul 12 — File Upload & RCE
Materi:
File upload bypass
Webshell
Command injection
Remote Code Execution
LFI/RFI
Tools:
Burp Suite
Metasploit
Praktik:
Upload bypass testing
Target Skill:
Memahami eksploitasi upload vulnerability.
LEVEL 3 — ETHICAL HACKING & PENETRATION TESTING
Modul 13 — Vulnerability Assessment
Materi:
Vulnerability lifecycle
CVSS
Risk rating
Asset prioritization
Tools:
Nessus
OpenVAS
Praktik:
Scan dan analisa vulnerability
Target Skill:
Mampu melakukan vulnerability assessment.
Modul 14 — Metasploit Framework
Materi:
Exploit
Payload
Meterpreter
Post exploitation
Persistence
Tools:
Metasploit
Praktik:
Exploit vulnerable machine
Target Skill:
Menguasai penggunaan Metasploit.
Modul 15 — Password Attacks
Materi:
Brute force
Dictionary attack
Hash cracking
Password spraying
Credential stuffing
Tools:
Hashcat
Hydra
John the Ripper
Praktik:
Crack hash lab
Target Skill:
Memahami keamanan password.
Modul 16 — Wireless Security
Materi:
WiFi security
WPA/WPA2/WPA3
Handshake capture
Evil twin
Rogue AP
Tools:
Aircrack-ng
Bettercap
Praktik:
Audit jaringan wireless lab
Target Skill:
Memahami keamanan jaringan wireless.
Modul 17 — Active Directory Attacks
Materi:
Kerberos
NTLM
Lateral movement
Pass the hash
Kerberoasting
Tools:
BloodHound
Mimikatz
CrackMapExec
Praktik:
Simulasi AD attack
Target Skill:
Memahami keamanan enterprise.
Modul 18 — Privilege Escalation
Materi:
Linux privilege escalation
Windows privilege escalation
SUID
Kernel exploit
Misconfiguration
Tools:
LinPEAS
WinPEAS
Praktik:
Escalation lab
Target Skill:
Mampu menemukan privilege escalation.
LEVEL 4 — DEFENSIVE SECURITY
Modul 19 — Security Operations Center (SOC)
Materi:
SOC workflow
Alert handling
Threat detection
SIEM basics
Tools:
Splunk
Wazuh
ELK Stack
Praktik:
Monitoring security event
Target Skill:
Memahami operasional SOC.
Modul 20 — Incident Response
Materi:
Incident lifecycle
Containment
Eradication
Recovery
Lessons learned
Tools:
Velociraptor
TheHive
Praktik:
Simulasi incident response
Target Skill:
Mampu menangani insiden keamanan.
Modul 21 — Digital Forensics
Materi:
Disk forensics
Memory forensics
Log analysis
Timeline analysis
Tools:
Autopsy
Volatility
FTK Imager
Praktik:
Analisa image disk
Target Skill:
Memahami digital forensic investigation.
Modul 22 — Malware Analysis
Materi:
Static analysis
Dynamic analysis
PE file
Obfuscation
Sandbox
Tools:
Ghidra
REMnux
x64dbg
Praktik:
Analisa malware sample aman
Target Skill:
Memahami dasar malware analysis.
Modul 23 — Threat Intelligence
Materi:
IOC
TTP
Threat actor
Threat feed
OSINT intelligence
Tools:
MISP
VirusTotal
Shodan
Praktik:
IOC analysis
Target Skill:
Memahami cyber threat intelligence.
Modul 24 — Security Hardening
Materi:
Server hardening
Firewall
IDS/IPS
Endpoint protection
Zero Trust
Tools:
pfSense
Fail2Ban
CrowdSec
Praktik:
Hardening production server
Target Skill:
Meningkatkan keamanan sistem.
LEVEL 5 — ADVANCED CYBER SECURITY
Modul 25 — Cloud Security
Materi:
AWS security
Azure security
IAM
S3 misconfiguration
Container security
Tools:
ScoutSuite
Trivy
Docker
Praktik:
Audit cloud configuration
Target Skill:
Memahami keamanan cloud.
Modul 26 — Mobile Application Security
Materi:
Android security
APK analysis
Reverse engineering
SSL pinning bypass
Tools:
JADX
Frida
MobSF
Praktik:
Testing APK vulnerable
Target Skill:
Memahami mobile security.
Modul 27 — Reverse Engineering
Materi:
Assembly basics
Binary analysis
Function analysis
Reverse workflow
Tools:
Ghidra
IDA Free
x64dbg
Praktik:
Reverse engineering binary sederhana
Target Skill:
Memahami struktur program.
Modul 28 — Exploit Development
Materi:
Buffer overflow
Shellcode
Memory corruption
Stack & Heap
DEP & ASLR bypass
Tools:
Immunity Debugger
pwntools
GDB
Praktik:
Simulasi buffer overflow di lab lokal aman
Target Skill:
Memahami dasar exploit development.
Modul 29 — Red Team Operations
Materi:
Adversary simulation
OPSEC
Initial access
Persistence
Lateral movement
Reporting
Tools:
C2 Framework
Covenant
Sliver
Praktik:
Simulasi internal red team dalam lab terisolasi
Target Skill:
Memahami operasi red teaming.
Modul 30 — Professional Cyber Security Specialist
Materi:
Security assessment
Pentest reporting
Compliance
Security framework
Career roadmap
Freelance & bug bounty
Building security portfolio
Tools:
Dradis
Obsidian
GitHub
Praktik:
Final project penetration testing
Presentasi laporan profesional
Target Skill:
Siap menjadi Cyber Security Specialist profesional.
BONUS SECTION
Sertifikasi yang Direkomendasikan
CEH
OSCP
OSWE
PNPT
CRTO
CompTIA Security+
CISSP
CISM
CCNA
eJPT
Platform Praktik
Hack The Box
TryHackMe
PortSwigger Web Security Academy
PicoCTF
VulnHub
OverTheWire
Roadmap Karier
Beginner:
IT Support
Junior SOC Analyst
Junior Pentester
Intermediate:
Security Engineer
Penetration Tester
Threat Hunter
Advanced:
Red Team Operator
Security Researcher
DFIR Specialist
Exploit Developer
Security Architect
PENUTUP
Program Cyber Security Specialist ini dirancang untuk memberikan pembelajaran terstruktur dari dasar hingga tingkat profesional.
Jika seluruh modul dipelajari secara konsisten dan disertai praktik lab nyata, peserta akan memiliki kemampuan teknis yang kuat di bidang offensive security maupun defensive security.