Table of Contents
Step | Tutorial |
---|---|
1. | Introductory Networking |
2. | What is Networking? |
3. | DNS in detail |
4. | Intro to Lan |
5. | Linux Fundamentls |
6. | Python Basic |
7. | OWASP Top 10 |
8. | OWASP Juice Shop |
9. | Network exploitation |
10. | Web Exploitation |
11. | Metasploit |
12. | Vulnversity |
13. | Basic Pentesting |
14. | Rooms |
You can skip any of the tutorials if you don't wanna learn them.
Learn Linux because it's better than Windows.
Tutorial | Tags |
---|---|
Linux Fundamentals Part 1 | Filesystem, Search File, Shell Operators |
Linux Fundamentals Part 2 | Flags, Switches, Permissions, Common Directories |
Linux Fundamentals Part 3 | Terminal Text Editor, General Utilities, Process 101, Automation, Package Manager, Logs |
Learning network exploitation is a fundamental but if you want to skip it its cool.
Tutorial | Tags |
---|---|
DNS in detail | What is DNS, Domain Hierarchy, Record Types, Making A Request |
DNS Manipulation | DNS, How to manipulate DNS records |
Intro to Lan | LAN Topologies, Subnetting, ARP, DHCP |
Nmap | Switches, TCP Connect, SYN, UDP, NULL, FIN, Xmas, Scripts, Firewall Evasion |
Nmap Live Host Discovery | Security, Mapping, Network |
RustScan | Security, PortScanner, Extensible, Fast |
Wireshark: The Basics | Tool to analyze network traffic |
Traffic Analysis Essentials | Wireshark, Network Security, PCAP, Network Analysis |
TShark | Tool and usage |
Exploiting the web is the best part and mostly the easiest so learning this skill will help you out in all ways possible.
Tutorial | Tags |
---|---|
HTTP in detail | HTTPS, Request, Response, HTTP Methods, HTTP Status Codes, Headers, Cookies |
Walking An Application | Exploring the website, Developer Tools (Inspector, Debugger, Network) |
Web Application Security | Web Application Security Risks, Example of Web App Security |
Intro To Offensive Security | Offensive Security |
Content Discovery | Security, Web |
ffuf | Directory bruteforcing, fuzzing |
Burp Suite: The Basics | Introduction, Installation, Dashboard, Navigation, Options, Burp Proxy, FoxyProxy, BurpSuite Browser |
Burp Suite: Repeater | Repeater, Basic Usage, Inspector |
Hydra | Bruteforcing, Commands, Command Flags |
SQL Injection | Databases, SQL, SQLi, Authentication Bypass, Boolean Based, Time Based, Out-of-Bound SQLi |
SQLMAP | Usage, Commands, Command Flags |
SQL Injection Lab | Security, SQLI, SQLMap, Web |
NoSQL injection Basic | Basics, Bypassing, Logging in as other Users, Extracting Passwords |
SSTI | Detection, Identification, Syntax, Exploitation |
Javascript Basics | Javascript, Variables, itd. |
Metasploit is a great tool for penetration testing and it should be learnt.
Tutorial | Tags |
---|---|
Metasploit: Introduction | |
Wreath | Pivoting, Empire, AV evasion, Network |
Here you will learn how to exploit windows, Windows AD, and Windows Servers
Tutorial | Tags |
---|---|
Windows Fundamentals 1 | Windows, Fundamentals |
Windows Fundamentals 2 | Windows, Fundamentals, UAC, MSConfig |
Windows Fundamentals 3 | Windows, BitLocker, Windows Security |
Attacktive Directory Basics | AD, Windows |
AD Certificate Templates | AD Certificates, Misconfiguration |
Attacktive Directory | Active Directory, Kerberos, SMB |
Enumerating Active Directory | AD, Sharphound |
Breaching Active Directory | AD |
Windows PrivEsc | Privilege escalation |
Don't learn crypto
Tutorial | Tags |
---|---|
Encryption-Crypto 101 | Security, Crypto, 101, Encryption |
Cryptography For Dummies | Cryptography, Easy |
OSINT is a way of passively getting information from the web about a user.
Tutorial | Tags |
---|---|
OhSINT | OSINT, Internet, Dorks |
Recon is a way of gathering information about a system.
Tutorial | Tags |
---|---|
Passive Reconnaissance | Security, Reconnaissance, Footprinting |
Active Reconnaissance | Networking, Linux, Security |
Read Team Recon | Security, Recon-ng, Maltego, dig |
Learn digital forensics and related processes and experiment with practical examples.
Tutorial | Tags |
---|---|
Intro to Digital Forensics | Security, Digital Forensics, Metadata |
Windows Forensics 1 | Forensics, Registry, Blue |
Disk Analysis | Autopsy, Medium |
These are other tutorials which you can do to deepen your knowledge.
Tutorial | Tags |
---|---|
Pentesting Fundamentals | Cybersecurity, Framework, Penetration Testing, Ethics |
Blue | Windows, Eternal Blue, MS17-010, CVE2017-0144 |
Intro to Docker | What is docker, How is it used |
The Great Escape | Escaping Docker |
Android Hacking 101 | Android Hacking, Exploiting |
REmux The Tmux | Terminal multiplexer |
Introduction To Flask | Python, Flask, Web |
Rooms are mostly like CTF challenges where you hack it. Pick some of them to sharpen your skills in different fields of hacking.
Room | Tags |
---|---|
Intermediate Nmap | Nmap, netcat |
Pickle Rick | CTF, Dirbuster, Linux |
Kenobi | Samba, Path Var Manipulation, SUID, SMB |
RootMe | Security, Web, Linux, Privilege Escalation |
VulnNet | Linux, Web, PHP, Privilege Escalation |
VulnNet: dotjar | Linux, Web, Java, Privilege Escalation |
VulnNet: Internal | Linux, Enumeration, Pivoting, Privilege Escalation |
VulnNet: Active | Windows Server, Enumeration, PowerShell, Command Injection |
VulnNet: dotpy | Python, Linux, Web, Privilege Escalation |
VulnNet: Roasted | Windows Server, Active Directory, Enumeration, Roasting |
VulnNet: Node | Linux, Web, Javascript, NodeJS, Privilege Escalation |
VulnNet: Endgame | Security, Penetration Testing, Linux, Web |
Templates | Pug Template engine |
That's The Ticket | Security, Web, XSS, DNS |
Linux PrivEsc | Privilege Escalation, Linux |
Linux Agency | Linux, Privilege Escalation, Sudo, Docker |