CS50 → Network+ → Security+ → Specialization → Capstone. Rest days protect your streak. Skipped nights don't — resume at 1x, don't double up.
01 / Tonight
Loading…
—
Six straight nights. Fatigue compounds quietly — consider declaring tonight a rest day.
02 / Streak
0
day streak
0
best streak
0
study nights
1
program day
03 / This Month
—
SMTWTFS
04 / Full Log
study nightrest day
05 / Curriculum Reference
View full 4-year curriculum (v2)
Cost model: every course is free in audit mode — lectures, psets, and labs, no paywall on the content itself. The only mandatory spend in the whole plan is two CompTIA exam vouchers: Network+ (~$369) and Security+ (~$404). Everything else — CS50, Coursera, edX verified certificates — skip and audit instead; GitHub proof matters more than a certificate PDF.
Year 1 — Foundations
1.1 CS50: Intro to Computer Science (Harvard)
Audit free via edX. Algorithms, memory, abstraction at real depth. Scoped through pset6 — Python/SQL/Flask covered separately via CS50P and the web security module.
Gate: pset6 on GitHub
1.2 CS50P: Intro to Programming with Python (Harvard)
Free audit — finishes the "In Progress" line already on the resume.
Gate: all 9 psets passing
1.3 Computer Networks (Stanford CS144 equiv.)
Stanford CS144 archive + Georgia Tech CS 6250 backup. Kurose & Ross as reference text.
Gate: diagram TCP handshake, DNS resolution, subnetting from memory
1.4 CompTIA Network+ (paid)
Professor Messer free course + pfSense/VLAN home lab.
Gate: pass Network+ — $369 voucher
Checkpoint #1 — internship-eligible once Network+ is certified and CS50/CS50P are on GitHub.
Year 2 — Core Security
2.1 Cryptography I (Stanford, Dan Boneh)
Audit free on Coursera. Cipher-breaking exercises in Python, pushed to GitHub.
2.2 Computer Systems Security (MIT 6.858)
MIT OpenCourseWare — fully free, no certificate to buy. OS/web security, buffer overflows, web exploitation labs.
Gate: labs 2 & 3 documented on GitHub
2.3 CompTIA Security+ (paid)
Professor Messer / Jason Dion free content.
Gate: pass Security+ SY0-701 — $404 voucher
2.4 Web Security (Stanford CS253 equiv.)
CS253 archive + official OWASP Top 10 docs. OverTheWire "Natas" wargame.
Gate: clear Natas levels 0–15
Checkpoint #2 — networking + security fundamentals + real labs on GitHub.
Year 3 — Applied Specialization
3.1 Applied Offensive Security
TryHackMe "Jr Penetration Tester" path + HackTheBox Academy free tiers.
Gate: 25+ machines rooted & written up
3.2 Applied Defensive Security (Blue Team)
Wazuh or Security Onion, free docs/training. SIEM deployed in the home lab.
Gate: SIEM detecting simulated attacks
3.3 Specialization Cert (paid — pick one, only when job-targeted)
CySA+ (best fit given the systems background), eJPT/CPTS ($100–500), or CEH v13 (~$1,199, only if a listing names it). Don't buy until a role calls for it.
3.4 Cloud Security Foundations
AWS Skill Builder or Microsoft Learn AZ-500 path — free to learn; sit the paid exam only once employed in a cloud-touching role.
Full pentest of your own ProPHBot/Gym Depot infrastructure, a written vulnerability assessment in industry format, remediation, and SIEM monitoring on production Cappyworks infra — network eng + security eng + real deployment in one project, and a sellable service line.
Don't buy CySA+/CEH/cloud certs before a job posting specifically names them.
Don't stack Network+ AND Security+ AND CC — Net+ → Sec+ is sufficient.
Don't let cert-hunting replace GitHub portfolio proof — recruiters check the repo, not the PDF.
One-line directive: finish CS50P (already in progress), start CS50 in parallel, audit mode only. Everything else is sequenced and paid for exactly twice.