30-Day PenTest Learning Plan

This document provides a list of 30 cybersecurity training resources and tasks to complete over 30 days of practice penetration testing. The list includes learning paths on incident response, the cyber kill chain, MITRE ATT&CK, and GTFOBins. It also provides vulnerable machines on VulnHub and Hack The Box as well as web application hacking courses and challenges covering topics like SQL injection, JWT security, API testing, and Active Directory penetration testing. The document emphasizes that the 30 days does not need to be consecutive and allows flexibility in how one organizes their time.

Uploaded by

Kamaruzzaman Puvvathi

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

551 views4 pages

30-Day PenTest Learning Plan

Uploaded by

Kamaruzzaman Puvvathi

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

30 days of Practice PenTest?

#2
#30DAYSOFPENTEST

Organize as you wish, it has no focus, no deadline, 30 days

does not necessarily mean 30 consecutive days.
1) Incident Responder Path
https://app.letsdefend.io/path/incident-responder-path
2) Cyber Kill Chain
https://app.letsdefend.io/training/lessons/cyber-kill-chain
3) Mitre Att&ck
https://app.letsdefend.io/training/lessons/mitre-attck-
framework
4) GTFOBins
https://app.letsdefend.io/training/lessons/gtfobins
5) Hacked Web Server Analysis
https://app.letsdefend.io/training/lessons/hacked-web-
server-analysis
6) Matrix-Breakout 2: Morpheus
https://www.vulnhub.com/entry/matrix-breakout-2-
morpheus,757/
7) DigitalWorld.Local: Electrical
https://www.vulnhub.com/entry/digitalworldlocal-
electrical,747/
8) Gemini Inc 2
https://www.vulnhub.com/entry/gemini-inc-2,234/
9) Pilgrimage
https://app.hackthebox.com/machines/Pilgrimage
10)Topology
https://app.hackthebox.com/machines/Topology
11)PC
https://app.hackthebox.com/machines/PC
12)Busqueda
https://app.hackthebox.com/machines/Busqueda
13)Routing-Based SSRF
https://portswigger.net/web-security/host-
header/exploiting/lab-host-header-routing-based-ssrf
14) Blind SSRF with Shellshock exploitation
https://portswigger.net/web-security/ssrf/blind/lab-
shellshock-exploitation
15) SQL injection vulnerability allowing login bypass
https://portswigger.net/web-security/sql-injection/lab-login-
bypass
16) Blind SQL injection with conditional responses
https://portswigger.net/web-security/sql-injection/blind/lab-
conditional-responses
17)OWASP WrongSecrets
https://github.com/OWASP/wrongsecrets
18)Security CTF AWS 101
https://r00tz-ctf.awssecworkshops.com/
19) Attacking and Defending AWS
https://resources.tryhackme.com/attacking-and-defending-
aws
20) PenTesting Cloud Learning
https://pentesting.cloud/
21) Cerberus
https://app.hackthebox.com/machines/Cerberus
22) Coder
https://app.hackthebox.com/machines/Coder
23)Free Web Hacking Course
https://davidbombal.com/free-web-hacking-course/
24) JWT Hacking Challenges
https://github.com/onsecru/jwt-hacking-challenges
https://systemweakness.com/hacking-jwt-3324cba98210
25) JWT Security
https://portswigger.net/web-security/jwt
26) Threat and Vulnerability Management
https://tryhackme.com/module/threat-and-vulnerability-
management
27) Derailed
https://app.hackthebox.com/machines/Derailed
28) API PenTest
https://www.apisecuniversity.com/courses/api-penetration-
testing
29) Active Directory PenTesting
https://dev.to/adamkatora/building-an-active-directory-
pentesting-home-lab-in-virtualbox-53dc
30) GOAD (Game of Active Directory)
https://github.com/Orange-Cyberdefense/GOAD
My LinkedIn: https://www.linkedin.com/in/joas-antonio-
dos-santos/

Active Directory Offensive Enumeration Guide
No ratings yet
Active Directory Offensive Enumeration Guide
13 pages
Offensive Security OSDA Exam Report
No ratings yet
Offensive Security OSDA Exam Report
17 pages
eWPTX Preparation by Joas
No ratings yet
eWPTX Preparation by Joas
1 page
Attacked From Behind Application PDF
No ratings yet
Attacked From Behind Application PDF
24 pages
Cybersecurity Vulnerability Report
No ratings yet
Cybersecurity Vulnerability Report
5 pages
Metasploit Pro Certified Specialist Student Lab Guide
100% (1)
Metasploit Pro Certified Specialist Student Lab Guide
30 pages
Active Directory Privilege Escalation Hardening
No ratings yet
Active Directory Privilege Escalation Hardening
22 pages
SEC542 CTF Draft Presentation
No ratings yet
SEC542 CTF Draft Presentation
7 pages
AD PenTesting Tools Guide
100% (3)
AD PenTesting Tools Guide
14 pages
Perform A Web Penetration Test
No ratings yet
Perform A Web Penetration Test
197 pages
CTF Tips for Hackthebox & Vulnhub
100% (1)
CTF Tips for Hackthebox & Vulnhub
15 pages
Pentest Checklists
100% (1)
Pentest Checklists
20 pages
Sample Report
No ratings yet
Sample Report
11 pages
AMSI Bypasses and Sandbox Evasion
No ratings yet
AMSI Bypasses and Sandbox Evasion
109 pages
Pentesting Active Directory
No ratings yet
Pentesting Active Directory
1 page
Chapter 02 - Information Gathering - Handout
No ratings yet
Chapter 02 - Information Gathering - Handout
104 pages
Comprehensive Guide to Pass-the-Hash Attacks
No ratings yet
Comprehensive Guide to Pass-the-Hash Attacks
29 pages
Android Pentest Course - 231111 - 234710
No ratings yet
Android Pentest Course - 231111 - 234710
7 pages
How-To: DNS Enumeration: Author: Mohd Izhar Ali
No ratings yet
How-To: DNS Enumeration: Author: Mohd Izhar Ali
13 pages
Hunting For Privilege Escalation in Windows Environment
No ratings yet
Hunting For Privilege Escalation in Windows Environment
99 pages
Active Directory Pentesting Guide
100% (1)
Active Directory Pentesting Guide
13 pages
OSWA OS XXXXXX Exam Report
100% (1)
OSWA OS XXXXXX Exam Report
17 pages
SMB Enumeration
100% (1)
SMB Enumeration
23 pages
Cybersecurity Reconnaissance Guide
No ratings yet
Cybersecurity Reconnaissance Guide
15 pages
SMB Penetration Testing
No ratings yet
SMB Penetration Testing
15 pages
Azure & AWS Cloud Pentesting Guide
No ratings yet
Azure & AWS Cloud Pentesting Guide
21 pages
Module 06 - Network Penetration Testing Methodology-Internal
No ratings yet
Module 06 - Network Penetration Testing Methodology-Internal
272 pages
HTB Academy Report Template
No ratings yet
HTB Academy Report Template
24 pages
Advanced Web App Pen Testing Course
100% (1)
Advanced Web App Pen Testing Course
24 pages
OSDA Exam Report Template OS v1
100% (1)
OSDA Exam Report Template OS v1
8 pages
Web App Penetration Testing in Bug Bounties
No ratings yet
Web App Penetration Testing in Bug Bounties
57 pages
Windows Privilege Escalation - Logon Autostart Execution
No ratings yet
Windows Privilege Escalation - Logon Autostart Execution
10 pages
Pwnable Writeup
100% (1)
Pwnable Writeup
110 pages
Recon For Web Pen-Testing
100% (1)
Recon For Web Pen-Testing
17 pages
Mimikatz and Metasploit
100% (1)
Mimikatz and Metasploit
23 pages
Vuln Hub
No ratings yet
Vuln Hub
1 page
Active Directory Pentesting Notes
No ratings yet
Active Directory Pentesting Notes
14 pages
OSED Exam Report
No ratings yet
OSED Exam Report
5 pages
LabManual Sliver
No ratings yet
LabManual Sliver
214 pages
Active Directory Pentest Course-2
No ratings yet
Active Directory Pentest Course-2
109 pages
File Upload Exploitation
No ratings yet
File Upload Exploitation
36 pages
AD Penetration Testing + Red Team Tactics
50% (2)
AD Penetration Testing + Red Team Tactics
10 pages
Red-Teaming Active Directory Lab #3 (ELS - CORP) (Attack Path 2)
No ratings yet
Red-Teaming Active Directory Lab #3 (ELS - CORP) (Attack Path 2)
33 pages
FFUF Fuzzing Techniques Guide
100% (1)
FFUF Fuzzing Techniques Guide
3 pages
Advanced Windows Exploitation (AWE)
No ratings yet
Advanced Windows Exploitation (AWE)
4 pages
The Bug Hunters Methodology
No ratings yet
The Bug Hunters Methodology
79 pages
Syscall Evasion for Cyber Experts
100% (1)
Syscall Evasion for Cyber Experts
31 pages
CREST CPSA Technical Syllabus V2.5
No ratings yet
CREST CPSA Technical Syllabus V2.5
19 pages
© 2020 Caendra Inc. - Hera For PTX - Red-Teaming Active Directory Lab #2 (Els - Bank)
No ratings yet
© 2020 Caendra Inc. - Hera For PTX - Red-Teaming Active Directory Lab #2 (Els - Bank)
49 pages
Kerberos Attacks
No ratings yet
Kerberos Attacks
125 pages
AD Advanced Notes Hide01.Ir
No ratings yet
AD Advanced Notes Hide01.Ir
405 pages
OSCP 16 Week Study Plan
No ratings yet
OSCP 16 Week Study Plan
3 pages
CRTP Notes Meshari Almalki
No ratings yet
CRTP Notes Meshari Almalki
121 pages
AD Security & Red Team Training
No ratings yet
AD Security & Red Team Training
10 pages
Using CrackMapExec
No ratings yet
Using CrackMapExec
190 pages
Red Teaming: Active Directory Attack
No ratings yet
Red Teaming: Active Directory Attack
24 pages
Guide Penetration Testing Resource
No ratings yet
Guide Penetration Testing Resource
4 pages
Cyber Security
No ratings yet
Cyber Security
9 pages
My Road To Cybersecurity
No ratings yet
My Road To Cybersecurity
4 pages
1-Year Cybersecurity Study Guide-1
No ratings yet
1-Year Cybersecurity Study Guide-1
7 pages
RANSOMWARE Report 2024 1723186157
No ratings yet
RANSOMWARE Report 2024 1723186157
21 pages
Parental Control Guide en 240920 070318
No ratings yet
Parental Control Guide en 240920 070318
22 pages
Windows AD Exploitation Guide
No ratings yet
Windows AD Exploitation Guide
31 pages
Cybersecurity Interview Q&A Guide
No ratings yet
Cybersecurity Interview Q&A Guide
14 pages
Entry-Level Accounting Aspirant
No ratings yet
Entry-Level Accounting Aspirant
3 pages
E232 Qig
No ratings yet
E232 Qig
2 pages
CPWeek 10
No ratings yet
CPWeek 10
12 pages
Minor Project Report
No ratings yet
Minor Project Report
23 pages
Escarpit 1966 Book Revolution
100% (20)
Escarpit 1966 Book Revolution
151 pages
Ae Tt9 Gram Works 10
No ratings yet
Ae Tt9 Gram Works 10
2 pages
Chapter 2 Incidence Matrix-Dikonversi
No ratings yet
Chapter 2 Incidence Matrix-Dikonversi
14 pages
1 Hurford-ExclusiveInclusiveDisjunction-1974
No ratings yet
1 Hurford-ExclusiveInclusiveDisjunction-1974
4 pages
Chapter 2: Discourse and Grammar: Study Guide For Module No.
No ratings yet
Chapter 2: Discourse and Grammar: Study Guide For Module No.
5 pages
Garcia - DLL Math 7 Week 1
No ratings yet
Garcia - DLL Math 7 Week 1
20 pages
MATLAB Lab Introduction Guide
No ratings yet
MATLAB Lab Introduction Guide
16 pages
Database Join Techniques Guide
No ratings yet
Database Join Techniques Guide
15 pages
English Quantifiers Exercise
No ratings yet
English Quantifiers Exercise
1 page
Schubert Operators & K-Theory Formula
No ratings yet
Schubert Operators & K-Theory Formula
29 pages
Arnav Kumar WISC Report
No ratings yet
Arnav Kumar WISC Report
5 pages
ET501 Written Assignment Briefing 2021
No ratings yet
ET501 Written Assignment Briefing 2021
3 pages
7 Power Menace
100% (1)
7 Power Menace
2 pages
Session 1 Data Handling Marking Guideline
No ratings yet
Session 1 Data Handling Marking Guideline
6 pages
SOW ENGLISH YEAR 3 (SJK) 2024-2025 by RozayusAcademy
No ratings yet
SOW ENGLISH YEAR 3 (SJK) 2024-2025 by RozayusAcademy
12 pages
Analysis: Mastercard, Visa & Stripe Huge Push Into Stablecoin and AI Commerce
No ratings yet
Analysis: Mastercard, Visa & Stripe Huge Push Into Stablecoin and AI Commerce
18 pages
Pentecostal Hermeneutics
100% (2)
Pentecostal Hermeneutics
310 pages
AIDU WED Operation Manual
No ratings yet
AIDU WED Operation Manual
13 pages
Ready For Ielts Student S Book (Students)
No ratings yet
Ready For Ielts Student S Book (Students)
226 pages
Variety of Language
100% (1)
Variety of Language
10 pages
Megha Internship Report
No ratings yet
Megha Internship Report
18 pages
Simple Machines Crossword
No ratings yet
Simple Machines Crossword
3 pages
24.to Verb VS For Verb-Ing PDF
No ratings yet
24.to Verb VS For Verb-Ing PDF
5 pages
DSSSB TGT & PGT
No ratings yet
DSSSB TGT & PGT
22 pages
Catholic Wedding Ceremony Guide
100% (1)
Catholic Wedding Ceremony Guide
13 pages
PDP Context vs. EPS Bearer
100% (1)
PDP Context vs. EPS Bearer
1 page

30-Day PenTest Learning Plan

Uploaded by

30-Day PenTest Learning Plan

Uploaded by

30 days of Practice PenTest?

Organize as you wish, it has no focus, no deadline, 30 days

You might also like