🛣️RoadMap / Exam Preparation

Here below the path I used and which I would recommend to reach a level necessary to pass the exam. 👇

Background Information

• OpenVPN 🏠 THM Room

• Linux Fundamentals Module 🏠 THM Room

• Windows Fundamentals Module 🏠 THM Room

• What is Networking 🏠 THM Room

• Intro To Networking 🏠 THM Room

• Intro To LAN 🏠 THM Room

• HTTP in Detail 🏠 THM Room

• DNS in Detail 🏠 THM Room

• Intro To Offensive Security 🏠 THM Room

• Pentesting Fundamentals 🏠 THM Room

• Passive Recon 🏠 THM Room

• Intro to Research 🏠 THM Room

• Google Dorking 🏠 THM Room

• Python Basics (to understand the working of exploit) 🏠 THM Room

• Active Recon 🏠 THM Room

• Vulnerabilities 101 🏠 THM Room

• Reverse Shell & Bind Shell 🗒️ Hacking Tutorials Article

• eJPTv2 Ine Full Course 🗒️ eJPTv2 Notes

• eWPTv2 Ine full Course 🗒️ eWPTv2 Notes

• ⏩ Linux Course (Italian)🤌 🇮🇹

• ⏩ Ethical Hacking Course (Italian)🤌 🇮🇹

Tooling

• BurpSuite: The Basics 🏠 THM Room
• BurpSuite: Repeater 🏠 THM Room
• Hydra 🏠 THM Room
• Nmap 🏠 THM Room
• Nmap Live Host Discovery 🏠 THM Room
• Metasploit: Introduction 🏠 THM Room
• Metasploit 🏠 THM Room
• More Detailed Tutorial of Metasploit 🗒️ NoobLinux Article
• H4cked 🚩 THM CTF 🟢 - My Writeup
• Smag Grotto 🚩 THM CTF 🟢 - My Writeup
• Lazy Admin 🚩 THM CTF 🟢 - My Writeup
• Carnage 🚩 THM CTF 🟠 - My Writeup
• Warzone 1 🚩 THM CTF 🟠 - My Writeup
• Mr Robot CTF 🚩 THM CTF 🟠 - My Writeup
• Anonymous 🚩 THM CTF 🟠 - My Writeup
• Misguided Ghost 🚩 THM CTF 🔴 - My Writeup

Web

• PortSwigger Web Sec Academy
• DVWA
• Mutillidae II
• SecureBank
• OWASP top 10 🏠 THM Room
• Inclusion 🏠 THM Room
• Injection 🏠 THM Room
• Web Application Security 🏠 THM Room
• Overpass2 🚩 THM CTF 🟢 - My Writeup
• Vulnversity 🚩 THM CTF 🟢 - My Writeup
• Basic Pentesting 🚩 THM CTF 🟢
• StartUp 🚩 THM CTF 🟢 - My Writeup
• All In One 🚩 THM CTF 🟠 - My Writeup
• Daily Bugle 🚩 THM CTF 🔴 - My Writeup

Other Resources

• eCPPT Field Manual: https://drive.google.com/file/d/1wC7RMTrWjt74rO8u4X-zM89T_hZzF_A5/edit
• https://medium.com/@dev-angelist/how-to-get-into-cybersecurity-with-no-experience-a51038ea70f6

Guidelines and Templates

Can be useful follow these guidelines and templates:

Testing Checklist and Template

OWASP - Web Security Testing Guide

• OWASP Testing Checklist (Excel)
• OWASP Testing Checklist (Markdown)
• Google Spreadsheet template

Other Guides/Template

• reporting_guide
• randorisec
• TCM-Security
• OSCP Template
• HackTheBox Template
• https://github.com/Syslifters/sysreptor

Reporting

• 🗒️How to write a PT Report — My Notes
• ⏩ Writing a PT Report — TCM
• ⏩ ITProTV Report
• ⏩ OSCP — How to Take Effective Notes
• ⏩ OSCP — How to Write a Report

CheatSheet

• 🗒️ eWPTXv3 - CheatSheet