# RoadMap / Exam Preparation

[![](https://github.com/sidneysimas/eCPPTv2-PTP-Notes/raw/main/.gitbook/assets/image%20\(1\).png)](https://github.com/sidneysimas/eCPPTv2-PTP-Notes/blob/main/.gitbook/assets/image%20\(1\).png)

Here below the **path** I used and which I would recommend to reach a level necessary to pass the exam. 👇

### Background Information

* OpenVPN 🏠 [THM Room](https://tryhackme.com/room/openvpn)
* Linux Fundamentals Module 🏠 [THM Room](https://tryhackme.com/module/linux-fundamentals)
* Windows Fundamentals Module 🏠 [THM Room](https://tryhackme.com/module/windows-fundamentals)
* What is Networking 🏠 [THM Room](https://tryhackme.com/room/whatisnetworking)
* Intro To Networking 🏠 [THM Room](https://tryhackme.com/room/introtonetworking)
* Intro To LAN 🏠 [THM Room](https://tryhackme.com/room/introtolan)
* HTTP in Detail 🏠 [THM Room](https://tryhackme.com/room/httpindetail)
* DNS in Detail 🏠 [THM Room](https://tryhackme.com/room/dnsindetail)
* Intro To Offensive Security 🏠 [THM Room](https://tryhackme.com/room/introtooffensivesecurity)
* Pentesting Fundamentals 🏠 [THM Room](https://tryhackme.com/room/pentestingfundamentals)
* Passive Recon 🏠 [THM Room](https://tryhackme.com/room/passiverecon)
* Intro to Research 🏠 [THM Room](https://tryhackme.com/room/introtoresearch)
* Google Dorking 🏠 [THM Room](https://tryhackme.com/room/googledorking)
* Python Basics (*to understand the working of exploit*) 🏠 [THM Room](https://tryhackme.com/room/pythonbasics)
* Active Recon 🏠 [THM Room](https://tryhackme.com/room/activerecon)
* Vulnerabilities 101 🏠 [THM Room](https://tryhackme.com/room/vulnerabilities101)
* Reverse Shell & Bind Shell 🗒️ [Hacking Tutorials Article](https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/)
* eJPTv2 Ine Full Course 🗒️ [eJPTv2 Notes](https://app.gitbook.com/o/s2H3MdEB0Qp2IbE58Gxw/s/PNcjhcAuvH4mlZKYrNu3/)
* ⏩ [Linux Course](https://www.youtube.com/watch?v=qcX89gkdlYs\&list=PLKZZXjqZrqQvfAhgY7Nit5ynpK3kN_3tx) (Italian)🤌 🇮🇹
* ⏩ [Ethical Hacking Course](https://www.youtube.com/watch?v=L90xYiqqjBI\&list=PLKZZXjqZrqQtKGgJuAYhzYczf1KIdswvO\&pp=iAQB) (Italian)🤌 🇮🇹

### Tooling

* BurpSuite: The Basics 🏠 [THM Room](https://tryhackme.com/room/burpsuitebasics)
* BurpSuite: Repeater 🏠 [THM Room](https://tryhackme.com/room/burpsuiterepeater)
* Hydra 🏠 [THM Room](https://tryhackme.com/room/hydra)
* Nmap 🏠 [THM Room](https://tryhackme.com/room/rpnmap)
* Nmap Live Host Discovery 🏠 [THM Room](https://tryhackme.com/room/nmap01)
* Metasploit: Introduction 🏠 [THM Room](https://tryhackme.com/room/metasploitintro)
* Metasploit 🏠 [THM Room](https://tryhackme.com/room/metasploitintro)
* More Detailed Tutorial of Metasploit 🗒️ [NoobLinux Article](https://nooblinux.com/metasploit-tutorial/)
* Nessus 🏠 [THM Room](https://tryhackme.com/room/rpnessusredux)
* WireShark The Basics 🏠 [THM Room](https://tryhackme.com/room/wiresharkthebasics)
* Tmux 🏠 [THM Room](https://tryhackme.com/room/rptmux)
* TShark 🏠 [THM Room](https://tryhackme.com/room/tshark)
* H4cked 🚩 [THM CTF](https://tryhackme.com/room/h4cked) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/h4cked)
* Smag Grotto 🚩 [THM CTF](https://tryhackme.com/room/smaggrotto) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/smag-grotto)
* Lazy Admin 🚩 [THM CTF](https://tryhackme.com/room/lazyadmin) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/lazyadmin)
* Carnage 🚩 [THM CTF](https://tryhackme.com/room/c2carnage) 🟠 - My Writeup
* Warzone 1 🚩 [THM CTF ](https://tryhackme.com/room/warzoneone)🟠 - My Writeup
* Mr Robot CTF 🚩 [THM CTF ](https://tryhackme.com/room/mrrobot)🟠 - My Writeup
* Anonymous 🚩 [THM CTF ](https://tryhackme.com/room/anonymous)🟠 - My Writeup
* Misguided Ghost 🚩 [THM CTF ](https://tryhackme.com/room/misguidedghosts)🔴 - My Writeup

### Web

* [PortSwigger Web Sec Academy](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/#portswigger-web-security-academy)
* [DVWA](https://app.gitbook.com/o/s2H3MdEB0Qp2IbE58Gxw/s/l27MAim0y0z73W12Z3gU/)
* [Mutillidae II](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/mutillidae-ii)
* [SecureBank](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/secure-bank)
* OWASP top 10 🏠 [THM Room](https://tryhackme.com/room/owasptop10)
* Inclusion 🏠 [THM Room](https://tryhackme.com/room/inclusion)
* Injection 🏠 [THM Room](https://tryhackme.com/room/injection)
* Web Application Security 🏠 [THM Room](https://tryhackme.com/room/introwebapplicationsecurity)
* Overpass2 🚩 [THM CTF](https://tryhackme.com/room/overpass2hacked) 🟢 - My Writeup
* Vulnversity 🚩 [THM CTF](https://tryhackme.com/room/vulnversity) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/vulnversity)
* Basic Pentesting 🚩 [THM CTF](https://tryhackme.com/room/basicpentestingjt) 🟢
* StartUp 🚩 [THM CTF](https://tryhackme.com/room/startup) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/startup)
* All In One 🚩 [THM CTF](https://tryhackme.com/room/allinonemj) 🟠 - My Writeup
* Daily Bugle 🚩 [THM CTF](https://tryhackme.com/room/dailybugle) 🔴 - My Writeup

### Post Exploitation

* Post Exploitation Basics 🏠 [THM Room](https://tryhackme.com/room/postexploit)
* Sudo Security Bypass 🏠 [THM Room](https://tryhackme.com/room/sudovulnsbypass)
* Windows Privilege Escalation 🗒️ [Hackersploit Article](https://hackersploit.org/windows-privilege-escalation-fundamentals/)
* Windows Privesc Arena 🏠 [THM Room](https://tryhackme.com/room/windowsprivescarena)
* Linux Privesc Arena 🏠 [THM Room](https://tryhackme.com/room/linuxprivescarena)
* Windows Privesc 🏠 [THM Room](https://tryhackme.com/room/windows10privesc)
* Bypass UAC 🏠 [THM Room](https://tryhackme.com/room/bypassinguac)
* ⏩ [MsfVenom Guide](https://www.youtube.com/watch?v=XLWyjN_eBhw) (Spanish) 🇪🇸
* Simple CTF 🚩 [THM CTF](https://tryhackme.com/room/easyctf) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/simple-ctf)
* Blaster 🚩 [THM CTF](https://tryhackme.com/room/blaster) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/blaster)
* Blue 🚩 [THM CTF](https://tryhackme.com/room/blue) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/eternal-blue)
* Bounty Hacker 🚩 [THM CTF](https://tryhackme.com/room/cowboyhacker) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/bounty-hacker)
* Ignite 🚩 [THM CTF](https://tryhackme.com/room/ignite) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/ignite)
* Kenobi 🚩 [THM CTF](https://tryhackme.com/room/kenobi) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/kenobi)
* Capture the flag 🚩 [THM CTF](https://tryhackme.com/room/c4ptur3th3fl4g) 🟢 - My Writeup
* Pickle Rick 🚩 [THM CTF](https://tryhackme.com/room/picklerick) 🟢 - [My Writeup](https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/thm/pickle-rick)
* Empline 🚩 [THM CTF](https://tryhackme.com/room/empline) 🟠 - My Writeup
* Internal 🚩 [THM CTF](https://tryhackme.com/room/internal) 🔴 - My Writeup

### Other Resources

* eCPPT Field Manual: <https://drive.google.com/file/d/1wC7RMTrWjt74rO8u4X-zM89T_hZzF_A5/edit>
* <https://medium.com/@dev-angelist/how-to-get-into-cybersecurity-with-no-experience-a51038ea70f6>

## Guidelines and Templates

Can be useful follow these guidelines and templates:

### [Te**sting Checklist and Template**](https://github.com/OWASP/wstg/tree/master/checklists)

[OWASP - Web Security Testing Guide](https://owasp.org/www-project-web-security-testing-guide/stable/)

* [OWASP Testing Checklist (Excel)](https://raw.githubusercontent.com/OWASP/wstg/master/checklists/checklist.xlsx)
* [OWASP Testing Checklist (Markdown)](https://raw.githubusercontent.com/OWASP/wstg/master/checklists/checklist.md)
* [Google Spreadsheet template](https://docs.google.com/spreadsheets/d/1csiYqA3DXhpz69K2JCLKN4H-kzkRFlFi/copy?copyCollaborators=false\&copyComments=false\&title=WSTG+Checklist)

### Other Guides/Template

* [reporting\_guide](https://dsxte2q2nyjxs.cloudfront.net/reporting_guide.pdf)
* [randorisec](https://www.randorisec.fr/publications/randorisec-pentest-report-thehive-v1-0-tlp_white.pdf)
* [TCM-Security](https://github.com/hmaverickadams/TCM-Security-Sample-Pentest-Report/blob/master/Demo%20Company%20-%20Security%20Assessment%20Findings%20Report.docx)
* [OSCP Template](https://github.com/noraj/OSCP-Exam-Report-Template-Markdown/blob/master/output/examples/OSCP-exam-report-template_OS_v2.pdf)
* [HackTheBox Template](https://www.hackthebox.com/storage/press/samplereport/sample-penetration-testing-report-template.pdf)
* <https://github.com/Syslifters/sysreptor>

### [**Reporting**](https://github.com/sidneysimas/eCPPTv2-PTP-Notes/blob/main/readme/metasploit-and-ruby-1)

* 🗒️[How to write a PT Report — My Notes](https://dev-angelist.gitbook.io/eccptv2-ptp-notes/readme/metasploit-and-ruby-1/7.1)
* ⏩ [Writing a PT Report — TCM](https://www.youtube.com/watch?v=EOoBAq6z4Zk\&t=102s)
* ⏩ [ITProTV Report](https://www.youtube.com/watch?v=NEz4SfjjwvU\&list=WL\&index=11)
* ⏩ [OSCP — How to Take Effective Notes](https://www.youtube.com/watch?v=yYmDQY1zKKE)
* ⏩ [OSCP — How to Write a Report](https://www.youtube.com/watch?v=Ohm0LhFFwVA)

### CheatSheet <a href="#user-content-e940" id="user-content-e940"></a>

* 🗒️[ eWPT - CheatSheet](https://dev-angelist.gitbook.io/ewptv2-notes/ewpt-cheat-sheet)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://dev-angelist.gitbook.io/ewptv2-notes/roadmap-exam-preparation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.