Cybersecurity Mind Maps
30 interactive visual guides + 4 hands-on tools — all free, click to open instantly in your browser.
Browse All Mind Maps
1. Cybersecurity Fundamentals (CIA Triad)
Core principles of Confidentiality, Integrity & Availability with defence in depth, risk management and security controls.
2. Essential Cybersecurity Tools
Nmap, Wireshark, Metasploit, Burp Suite, BloodHound, Volatility & 50+ tools with categories and use cases.
3. Common Cyber Threats & Attack Types
Ransomware, phishing, DDoS, APTs, social engineering, supply chain attacks & modern attack vectors with defences.
4. Cybersecurity Compliance & Laws
GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2, NIST CSF, NIS2 & CMMC with requirements and compliance checklists.
5. Incident Response Steps
NIST & SANS IR frameworks — Preparation, Detection, Containment, Eradication, Recovery and Lessons Learned.
6. Ethical Hacking Phases
Reconnaissance, Scanning, Exploitation, Post-Exploitation & Reporting — complete methodology with tools and legal framework.
7. Cloud Security Best Practices
AWS/Azure/GCP IAM, encryption, CSPM, DevSecOps, container security & misconfiguration prevention with practical guides.
8. AI in Cybersecurity
AI for threat detection, adversarial ML attacks, LLM security risks, OWASP LLM Top 10, deepfakes & AI red teaming.
9. IoT Security Challenges
Device hardening, firmware analysis, OWASP IoT Top 10, IIoT/OT security, Purdue Model & network segmentation.
10. Cybersecurity Job Interview Prep
Technical questions, behavioural answers, salary negotiation, resume tips & role-specific prep for SOC, pentest and GRC.
11. OWASP Top 10 Web Security
A01–A10 vulnerabilities: broken access control, injection, SSRF, misconfigurations & real-world exploitation and fixes.
12. Active Directory Attacks & Defense
Kerberoasting, Pass-the-Hash, DCSync, BloodHound attack paths, Golden Ticket & enterprise AD hardening strategies.
13. Bug Bounty Hunting Roadmap
Recon, vulnerability classes, methodology, writing reports & top platforms: HackerOne, Bugcrowd, Intigriti.
14. Zero Trust Architecture
Never trust, always verify — identity, device, network, data pillars & NIST SP 800-207 implementation guide.
15. Cybersecurity Certifications Roadmap
Security+, OSCP, CISSP, CEH, GIAC & cloud certs — full path from beginner to expert with costs and study resources.
16. Social Engineering & Phishing
Phishing, vishing, smishing, pretexting, BEC attacks, MFA fatigue & psychological manipulation defence tactics.
17. OSINT Techniques & Tools
Shodan, Maltego, Google dorking, dark web intel, people & domain reconnaissance with practical field techniques.
18. Network Security Fundamentals
OSI model attacks, firewalls, IDS/IPS, VPNs, wireless security, protocols & network segmentation strategies.
19. Digital Forensics & Incident Response
IR lifecycle, memory & disk forensics, chain of custody, Volatility, artefacts & MITRE ATT&CK correlation.
20. Malware Analysis Fundamentals
Static & dynamic analysis, sandboxes, reverse engineering with Ghidra/IDA Pro, IOC extraction & YARA rules.
21. Penetration Testing Methodology
Pre-engagement, recon, scanning, exploitation, post-exploitation, reporting & PTES/OWASP testing standards.
22. Cryptography Fundamentals
Symmetric & asymmetric encryption, hashing, PKI, TLS handshake, common attacks & post-quantum cryptography.
23. Ransomware Attack & Defense
Attack lifecycle, RaaS model, notable attacks, prevention controls, IR playbook & 3-2-1 backup strategy.
24. Container & Kubernetes Security
Docker hardening, K8s RBAC, Pod Security, Network Policies, Falco runtime security & CIS benchmarks.
25. MITRE ATT&CK Framework
All 14 tactics, top techniques, threat groups, detection data sources & ATT&CK Navigator usage guide.
26. Threat Hunting
Proactive hunt hypotheses, stack counting, beaconing detection, Velociraptor & hunting maturity model.
27. Mobile Security & OWASP Mobile Top 10
Android & iOS security, M1-M10 vulnerabilities, Frida, MobSF, certificate pinning bypass & MASVS standard.
28. Cloud Security — AWS, Azure & GCP
Shared responsibility, IAM misconfigs, GuardDuty, Defender for Cloud, CSPM tools & cloud pentesting techniques.
29. Red Team vs Blue Team
Adversary simulation, C2 infrastructure, SOC tiers, detection engineering, purple team exercises & career paths.
30. Supply Chain Security
Dependency confusion, SolarWinds, SBOM, Sigstore, SLSA framework & vendor risk management strategies.
Hands-On Security Tools
Cybersecurity Career Path Wizard
Answer 7 questions and discover your ideal cybersecurity career — complete with salary ranges, required certifications and a personalised match score across 13 career paths.
Cyber Attacks Timeline 2000-2024
Interactive timeline of 27 major cyberattacks — Stuxnet, WannaCry, SolarWinds, Log4Shell and more. Click each event for full details, impact score and lessons learned.
Hacker's Toolkit Playground
Browser-based encoding and analysis playground — Base64, Hex, URL encode, Caesar cipher, ROT13/47, Binary, SHA hashes and JWT decode. Zero data sent to servers.
Personal Security Posture Checkup
35 questions across 7 domains — passwords, devices, network, phishing, backups, accounts and mobile. Get your personal security score with a prioritised action plan.