penetration testing road map

Chapter 1: Basics & Environments

• Attacks outside and inside networks (Overview)
• Introduction to Linux & useful commands
• Introduction to Windows CMD & PowerShell commands

Chapter 2: Linux & Systems

• Deep dive into Linux commands
• Essential OS concepts (processes, services, permissions)
• File system, users, cron jobs, etc.

Chapter 3: Websites & Vulnerabilities

• Website structure and technologies (HTML, JS, PHP...)
• Most known web vulnerabilities:
- SQL Injection, XSS, CSRF, SSRF, XXE, IDOR, Path Traversal, etc.

Chapter 4: Network Attacks & Practice

• Network scanning & sniffing
• WiFi Attacks: Deauth, Evil Twin, ARP Poisoning
• DNS Spoofing & MITM techniques
• Practice for each explained attack

Chapter 5: Privilege Escalation & Red Team

• Privilege Escalation in Linux & Windows
• Writing simple malware tools (keylogger, reverse shell)
• Red Team mindset and techniques

Chapter 6: Real Practice & CTFs

• Writing professional bug bounty reports
• Real world CTF challenges
• Final roadmap review & self-evaluation