0% found this document useful (0 votes)

14 views5 pages

Penetration Testing Roadmap With Links

The document outlines a 12-week penetration testing roadmap, structured into daily 5-hour sessions focusing on core foundations, networking tools, vulnerability scanning, web application pentesting, privilege escalation, and full attack chains. Each week includes specific topics, resources, and practical exercises to enhance skills in cybersecurity and ethical hacking. Additionally, it provides links to certifications and tools for documentation and portfolio development.

Uploaded by

sofiya29814

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

14 views5 pages

Penetration Testing Roadmap With Links

Uploaded by

sofiya29814

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 5

Penetration Testing Roadmap (Daily - 5 Hours)

Week 1-2: Core Foundations (Networking, Linux, Basics)

Day 1: Intro to cybersecurity + hacking types

- TryHackMe: https://tryhackme.com/room/presecurity

Day 2: Networking basics - IP, TCP, ports, DNS

- TryHackMe: https://tryhackme.com/room/presecurity

Day 3: OSI Model, HTTP, web basics

- Wireshark: https://www.wireshark.org/

Day 4: Linux CLI basics

- TryHackMe: https://tryhackme.com/room/linuxfundamentals1

Day 5: Linux files, permissions

- TryHackMe: https://tryhackme.com/room/linuxfundamentals2

Day 6: Bash scripting basics

- YouTube: Search "Bash scripting for beginners"

Day 7: Practice on OverTheWire

- Bandit: https://overthewire.org/wargames/bandit/

Week 3-4: Networking Tools + Recon

Day 8: Nmap basics

- TryHackMe: https://tryhackme.com/room/nmap

Day 9: Nmap scripts + scanning

- https://nmap.org/nsedoc/
Penetration Testing Roadmap (Daily - 5 Hours)

Day 10: Whois, theHarvester, DNS enum

- TryHackMe: https://tryhackme.com/room/passiverecon

Day 11: Subdomain enum

- Sublist3r: https://github.com/aboul3la/Sublist3r

Day 12: Directory brute-force (Dirb, Gobuster)

- Gobuster: https://github.com/OJ/gobuster

Day 13: Recon challenge

- Create your own VM or use TryHackMe

Day 14: Full recon-focused CTF

- TryHackMe: https://tryhackme.com/room/ice

- HTB: https://app.hackthebox.com/starting-point

Week 5-6: Vulnerability Scanning + Exploitation Tools

Day 15: Service enumeration (FTP/SSH/SMB)

- TryHackMe: https://tryhackme.com/room/basicpentestingjt

Day 16: FTP exploits

- Metasploit: https://docs.rapid7.com/metasploit/

Day 17: SSH bruteforce with Hydra

- Hydra: https://github.com/vanhauser-thc/thc-hydra

Day 18: SMB enumeration

- Enum4linux: https://tools.kali.org/information-gathering/enum4linux
Penetration Testing Roadmap (Daily - 5 Hours)

Day 19: Searchsploit, ExploitDB

- https://www.exploit-db.com/

Day 20: Metasploit usage

- TryHackMe: https://tryhackme.com/room/metasploitintro

Day 21: Full exploitation practice

- TryHackMe: https://tryhackme.com/room/vulnversity

Week 7-8: Web Application Pentesting

Day 22: HTTP requests and architecture

- TryHackMe: https://tryhackme.com/room/webfundamentals

Day 23: Burp Suite basics

- https://portswigger.net/burp

Day 24: OWASP Top 10 overview

- https://owasp.org/www-project-top-ten/

Day 25: Cross-site scripting (XSS)

- https://portswigger.net/web-security/cross-site-scripting

Day 26: SQL injection

- https://portswigger.net/web-security/sql-injection

Day 27: File Upload, Command Injection

- DVWA: http://www.dvwa.co.uk/

Day 28: IDOR + Authentication Bypass

- https://portswigger.net/web-security/access-control/idor
Penetration Testing Roadmap (Daily - 5 Hours)

Week 9-10: Privilege Escalation

Day 29: Linux privesc intro

- TryHackMe: https://tryhackme.com/room/linuxprivesc

Day 30: SUID, PATH, cron jobs

- GTFOBins: https://gtfobins.github.io/

Day 31: LinPEAS scanning

- https://github.com/carlospolop/PEASS-ng

Day 32: Windows privesc intro

- TryHackMe: https://tryhackme.com/room/windows10privesc

Day 33: WinPEAS

- https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS

Day 34: Registry, Scheduled Tasks

- TryHackMe: custom VMs or VulnHub

Day 35: Practice box with privesc

- VulnHub: https://www.vulnhub.com/

Week 11-12: Full Attack Chains + Reporting

Day 36: Post Exploitation

- https://tryhackme.com/room/postexploit

Day 37: Pivoting + lateral movement

- HackTheBox Academy or custom labs

Penetration Testing Roadmap (Daily - 5 Hours)

Day 38: TryHackMe Offensive Pentesting

- https://tryhackme.com/path/outline/offensivepentesting

Day 39: Reporting fundamentals

- Sample template: https://github.com/honze-net/nmap-bootstrap-xsl

Day 40: Write practice pentest report

- Use Markdown or Google Docs

Day 41: TryHackMe RootMe

- https://tryhackme.com/room/rrootme

Day 42: HackTheBox Starting Point

- https://app.hackthebox.com/starting-point

Final Notes

Certifications:

- eJPT: https://ine.com/pages/ejpt

- PNPT: https://www.tcm-sec.com/pnpt/

- OSCP: https://www.offsec.com/oscp/

Document notes:

- Obsidian: https://obsidian.md/

- CherryTree: https://www.giuspen.com/cherrytree/

Portfolio tips:

- GitHub + blog with screenshots and reports

Full 100 Day Termux Hacking Course
No ratings yet
Full 100 Day Termux Hacking Course
101 pages
Tryhackme Road Map For Beginners
No ratings yet
Tryhackme Road Map For Beginners
21 pages
Notebook LM Masterclass - Ebook
No ratings yet
Notebook LM Masterclass - Ebook
63 pages
100-Day Cybersecurity Learning Plan
No ratings yet
100-Day Cybersecurity Learning Plan
5 pages
Cybersecurity Master Plan Final With Links
No ratings yet
Cybersecurity Master Plan Final With Links
78 pages
LTE Training-Celcite
No ratings yet
LTE Training-Celcite
72 pages
Cybersecurity Expert Roadmap
No ratings yet
Cybersecurity Expert Roadmap
4 pages
Cybersecurity 30 Day Roadmap
No ratings yet
Cybersecurity 30 Day Roadmap
3 pages
7-Day Penetration Roadmap
No ratings yet
7-Day Penetration Roadmap
8 pages
Cybersecurity Roadmap Guide
No ratings yet
Cybersecurity Roadmap Guide
5 pages
Cybersecurity Learning Roadmap
No ratings yet
Cybersecurity Learning Roadmap
2 pages
Hacking Roadmap
No ratings yet
Hacking Roadmap
1 page
Cybersecurity 12 Week Daily Schedule
No ratings yet
Cybersecurity 12 Week Daily Schedule
3 pages
OSCP 100percent Free Roadmap Cleaned
No ratings yet
OSCP 100percent Free Roadmap Cleaned
2 pages
Cybersecurity Basics Study Plan
No ratings yet
Cybersecurity Basics Study Plan
3 pages
Cybersecurity Roadmap 3 Months
No ratings yet
Cybersecurity Roadmap 3 Months
3 pages
Penetration Testing Roadmap 5hrs Daily
No ratings yet
Penetration Testing Roadmap 5hrs Daily
3 pages
React - and Cybersecurity RoadMap-180
No ratings yet
React - and Cybersecurity RoadMap-180
9 pages
Wo 17088 (11P) PLC Panel 04082024
100% (1)
Wo 17088 (11P) PLC Panel 04082024
43 pages
Cybersecurity Roadmap BTech
No ratings yet
Cybersecurity Roadmap BTech
3 pages
Cybersecurity Roadmap Beginner
No ratings yet
Cybersecurity Roadmap Beginner
3 pages
4th Month Advanced Exploitation and Post
No ratings yet
4th Month Advanced Exploitation and Post
4 pages
Web Pentest 6 Months
No ratings yet
Web Pentest 6 Months
5 pages
Penetration Testing Full Guide
No ratings yet
Penetration Testing Full Guide
3 pages
Cybersecurity 2
No ratings yet
Cybersecurity 2
41 pages
003 RoadMap
No ratings yet
003 RoadMap
2 pages
Guia Do TryHackme
No ratings yet
Guia Do TryHackme
3 pages
Basic Programming Civic nd1
No ratings yet
Basic Programming Civic nd1
13 pages
30-Day Penetration Testing Schedule
No ratings yet
30-Day Penetration Testing Schedule
1 page
Certified Ethical Hacker Plan
No ratings yet
Certified Ethical Hacker Plan
10 pages
1 Mo 5 ODD1 Ry
No ratings yet
1 Mo 5 ODD1 Ry
22 pages
3rd Month Exploitation Techniques and Hands
No ratings yet
3rd Month Exploitation Techniques and Hands
4 pages
Cybersecurity Bug Bounty Roadmap
No ratings yet
Cybersecurity Bug Bounty Roadmap
4 pages
Document Sans Titre
No ratings yet
Document Sans Titre
3 pages
Document 1
No ratings yet
Document 1
15 pages
User Manual Hexprog Ii Tuner: Index
No ratings yet
User Manual Hexprog Ii Tuner: Index
20 pages
Penetration Testing With Kali Linux - 5 Days
50% (2)
Penetration Testing With Kali Linux - 5 Days
9 pages
Cybersecurity Roadmap 6 Months
No ratings yet
Cybersecurity Roadmap 6 Months
3 pages
Ethical Hacking Programming Roadmap
No ratings yet
Ethical Hacking Programming Roadmap
3 pages
Ethical Hacking Study Tracker
No ratings yet
Ethical Hacking Study Tracker
3 pages
Vaishak V Cyber Security
No ratings yet
Vaishak V Cyber Security
13 pages
Cybersecurity Roadmap
No ratings yet
Cybersecurity Roadmap
7 pages
My Road To Cybersecurity
No ratings yet
My Road To Cybersecurity
4 pages
Roadmap To Learn
No ratings yet
Roadmap To Learn
3 pages
Cyber Security
No ratings yet
Cyber Security
9 pages
Cyber Security Roadmap
No ratings yet
Cyber Security Roadmap
11 pages
Cyber Roadmap
No ratings yet
Cyber Roadmap
4 pages
VCF 50 Design
No ratings yet
VCF 50 Design
253 pages
Pen Tester
No ratings yet
Pen Tester
3 pages
Cybersecurity Learning Roadmap
No ratings yet
Cybersecurity Learning Roadmap
4 pages
Roadmap To Ethical Hacking
No ratings yet
Roadmap To Ethical Hacking
5 pages
Road Map
No ratings yet
Road Map
3 pages
FREE Cybersecurity COURSES - Awesome Cyber Security University
No ratings yet
FREE Cybersecurity COURSES - Awesome Cyber Security University
4 pages
Ethical Hacker Roadmap by ChatGPT
No ratings yet
Ethical Hacker Roadmap by ChatGPT
4 pages
Roadmap
No ratings yet
Roadmap
4 pages
Roadmap
No ratings yet
Roadmap
3 pages
Course Content
No ratings yet
Course Content
6 pages
Structured Roadmap of Cyber Security (Deepseek)
No ratings yet
Structured Roadmap of Cyber Security (Deepseek)
2 pages
Penetration Testing Study Plan
No ratings yet
Penetration Testing Study Plan
3 pages
Certified Penetration Testing 3 Month
No ratings yet
Certified Penetration Testing 3 Month
4 pages
? Phase 4 Certifications & Career Preparation (Final Year) ? Goal Gain in - 20250305 - 200151 - 0000
No ratings yet
? Phase 4 Certifications & Career Preparation (Final Year) ? Goal Gain in - 20250305 - 200151 - 0000
4 pages
CASING PIPE DESIGN REPORT - Mayank Sir
No ratings yet
CASING PIPE DESIGN REPORT - Mayank Sir
62 pages
DBMS Interview Questions: Click Here
No ratings yet
DBMS Interview Questions: Click Here
26 pages
Step 1
No ratings yet
Step 1
3 pages
548 Sage50 Certificate
No ratings yet
548 Sage50 Certificate
25 pages
Pneumatic Rotary Actuator SIRCA NEW
No ratings yet
Pneumatic Rotary Actuator SIRCA NEW
16 pages
Lecture 4
No ratings yet
Lecture 4
9 pages
PM MG915,917,919,921,922
No ratings yet
PM MG915,917,919,921,922
85 pages
Inspection Checklist
No ratings yet
Inspection Checklist
11 pages
STATISTICS FINAL EXAM (MPM) Answer Sheet
No ratings yet
STATISTICS FINAL EXAM (MPM) Answer Sheet
15 pages
Ugong Senior High School
No ratings yet
Ugong Senior High School
6 pages
ThirdYear CSBS-2023
No ratings yet
ThirdYear CSBS-2023
87 pages
Web Services - 252 Course Outline
No ratings yet
Web Services - 252 Course Outline
6 pages
1 Annual Olympics
No ratings yet
1 Annual Olympics
25 pages
INSTRUCTION - SET - B.SC - PARA - PB Nursing - 2024
No ratings yet
INSTRUCTION - SET - B.SC - PARA - PB Nursing - 2024
28 pages
1548microsoft 365 For Dummies 1st Edition Jennifer Reed - Read The Ebook Online or Download It To Own The Full Content
100% (4)
1548microsoft 365 For Dummies 1st Edition Jennifer Reed - Read The Ebook Online or Download It To Own The Full Content
50 pages
ANALYSIS INTEGRITY OF THE PATTERSON GIMLIN FILM IMAGE - Final PDF
No ratings yet
ANALYSIS INTEGRITY OF THE PATTERSON GIMLIN FILM IMAGE - Final PDF
39 pages
Upendra Internship Final
No ratings yet
Upendra Internship Final
39 pages
LPS 3
No ratings yet
LPS 3
10 pages
Advances in Neural Rendering
No ratings yet
Advances in Neural Rendering
33 pages
Engineering Skills Training Centre (ESTC) Prospectus 2025-1
No ratings yet
Engineering Skills Training Centre (ESTC) Prospectus 2025-1
53 pages
SC5520GWV Data Sheet
No ratings yet
SC5520GWV Data Sheet
2 pages
Xage-WP-Zero Trust Access and Protection For The Whole Enterprise
No ratings yet
Xage-WP-Zero Trust Access and Protection For The Whole Enterprise
15 pages
SAFETY106714
No ratings yet
SAFETY106714
14 pages
LC 33
No ratings yet
LC 33
2 pages
Network License Plate Camera Manual
No ratings yet
Network License Plate Camera Manual
24 pages
Hacking of Computer Networks: Full Course on Hacking of Computer Networks
From Everand
Hacking of Computer Networks: Full Course on Hacking of Computer Networks
Dr. Hidaia Mahmood Alassouli
No ratings yet
Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks
From Everand
Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks
Dr. Hidaia Mahmood Alassouli
No ratings yet
Some Tutorials in Computer Networking Hacking
From Everand
Some Tutorials in Computer Networking Hacking
Dr. Hidaia Mahmood Alassouli
No ratings yet
Linux System Administrator Interview Questions You'll Most Likely Be Asked
From Everand
Linux System Administrator Interview Questions You'll Most Likely Be Asked
Vibrant Publishers
No ratings yet