Cybersecurity · Setup · ~5 min

Cybersecurity track setup.

Complete the platform setup first if you haven’t already. You should have a terminal, Claude Code, Git, and a GitHub account ready.

§ Steps

1. Create your track folder

TERMINAL
mkdir -p ~/dev/cybersecurity
cd ~/dev/cybersecurity

2. Cybersecurity tools: let Claude Code do it

Open Claude Code in your track folder:

TERMINAL
claude
PROMPT
I'm setting up a cybersecurity lab environment. Please:

1. Install Python 3.11+ via Miniconda, then create a conda environment called "security"
2. Install core Python packages in the security environment:
     requests, pyyaml, python-nmap,
     sigma-cli, pysigma, pysigma-backend-loki, pysigma-backend-opensearch
3. Install Docker if not already installed (or tell me how, it needs admin access)
4. Install these CLI tools (likely apt/brew, may need admin access):
     nmap, sqlmap, hydra, ffuf, yara
5. Pull these Docker images we'll use across projects:
     ghcr.io/zaproxy/zaproxy:stable      (OWASP ZAP web scanner)
     aquasec/trivy:latest                 (container vulnerability scanner)
     projectdiscovery/nuclei:latest       (template-based vulnerability scanner)

After each step, verify it worked and show me the result.

Note on nmap: Network scanning tools typically need administrator access to perform certain scan types. Claude Code will tell you if it needs elevated permissions. Specifically, nmap -sU (UDP scan) and nmap -O (OS detection) require root.

Per-project tools

A few projects need additional tools that aren't worth installing track-wide. The project's materials/CLAUDE.md flags them when needed:

  • Metasploit Framework (P4 network exploitation, P6/P7 lateral movement): apt install metasploit-framework on Debian/Ubuntu, or download from rapid7.com. ~1.5GB install.
  • osquery (P11 host-layer detection): osquery.io for the platform package. The osqueryi interactive shell is what the unit uses; the daemon is optional.
  • Wireshark / tshark (P3 packet capture): apt install tshark (the CLI). Add yourself to the wireshark group to capture without root.
  • Semgrep (P7 SAST): pip install semgrep (already covered if you used the conda env above).

Verify

Once Claude Code finishes:

TERMINAL
conda activate security
python --version
nmap --version
docker --version
docker images | grep zaproxy

You should see Python 3.11+, an nmap version (7.90+), a Docker version, and the ZAP image listed.
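As an added example (not part of the original setup page), here is a small preflight script that applies the same thresholds as the Verify step above but fails with a reason instead of relying on reading the output by eye. It assumes the banner formats these tools print ("Python 3.11.4", "Nmap version 7.94 ( https://nmap.org )", "Docker version 24.0.7, build ..."); the file name preflight.sh is a hypothetical name used only to guard the live run at the bottom.

```shell
#!/bin/sh
# Added example: preflight check for the track toolchain (not from the original page).
# Parsing is separated from the commands so the checks can be exercised on
# sample banner text; the live run at the bottom only fires when the file is
# executed as "preflight.sh" (a hypothetical file name).

# version_ge A B: succeed when dotted numeric version A is >= B (three components).
version_ge() {
    printf '%s\n%s\n' "$1" "$2" | awk -F. '
        NR == 1 { for (i = 1; i <= 3; i++) a[i] = $i + 0 }
        NR == 2 { for (i = 1; i <= 3; i++) b[i] = $i + 0 }
        END {
            for (i = 1; i <= 3; i++) {
                if (a[i] > b[i]) exit 0
                if (a[i] < b[i]) exit 1
            }
            exit 0
        }'
}

# Pull the dotted version out of each tool's banner; print nothing when the
# banner does not match (for example "command not found").
python_version_from() { printf '%s\n' "$1" | sed -n 's/^Python \([0-9][0-9.]*\).*/\1/p'; }
nmap_version_from()   { printf '%s\n' "$1" | sed -n 's/^Nmap version \([0-9][0-9.]*\).*/\1/p'; }
docker_version_from() { printf '%s\n' "$1" | sed -n 's/^Docker version \([0-9][0-9.]*\).*/\1/p'; }

# check_toolchain PYTHON_OUT NMAP_OUT DOCKER_OUT IMAGES_OUT
# Applies the Verify step's requirements (Python 3.11+, nmap 7.90+, a Docker
# version, ZAP image pulled). Prints one FAIL line per problem and returns 0
# only when everything passes.
check_toolchain() {
    status=0
    v=$(python_version_from "$1")
    if [ -z "$v" ] || ! version_ge "$v" 3.11; then
        echo "FAIL python: need 3.11+, got '${v:-none}'"; status=1
    fi
    v=$(nmap_version_from "$2")
    if [ -z "$v" ] || ! version_ge "$v" 7.90; then
        echo "FAIL nmap: need 7.90+, got '${v:-none}'"; status=1
    fi
    v=$(docker_version_from "$3")
    if [ -z "$v" ]; then
        echo "FAIL docker: no Docker version reported"; status=1
    fi
    if ! printf '%s\n' "$4" | grep -q 'ghcr.io/zaproxy/zaproxy'; then
        echo "FAIL images: ghcr.io/zaproxy/zaproxy not pulled"; status=1
    fi
    [ "$status" -eq 0 ] && echo "OK: toolchain matches the track requirements"
    return "$status"
}

# Live mode: feed the real command output through the checks.
if [ "$(basename -- "$0")" = "preflight.sh" ]; then
    check_toolchain \
        "$(python --version 2>&1)" \
        "$(nmap --version 2>&1 | head -n 1)" \
        "$(docker --version 2>&1)" \
        "$(docker images 2>/dev/null)"
fi
```

Run it after `conda activate security` so the `python` it finds is the environment's interpreter rather than the system one; a non-zero exit with a FAIL line tells you which of the four requirements to go back and fix.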


3. Your first look

Everything is installed. Before you start Project 1, see what Claude Code can do when you point it at a cybersecurity problem.

PROMPT
Start a simple vulnerable web application in Docker (use the OWASP Juice Shop image: bkimminich/juice-shop). Once it's running, use nmap to scan it and identify open ports and services. Then summarize what you found: what's running, what's exposed, and what a security assessor would look at first.

As you work through the track, you'll learn why a single prompt isn't enough: why that scan might miss vulnerabilities that require authentication, why the default scan flags might not be appropriate for every target, why the findings need to be mapped to a threat model, and why an engagement requires both attacking the weaknesses and building the defenses.

But for now, look at what just happened. That's the starting point.