Penetration Testing Roadmap

Welcome to the Penetration Testing Roadmap repository! This guide provides a comprehensive collection of resources, certifications, tools, and methodologies to help you become proficient in penetration testing.

Web UI - https://securitycipher.com/penetration-testing-roadmap/

Table of Contents

• Certifications
• Cloud
• Compliance
• Cryptography
• Labs
• Networking
• OWASP Top 10
• OWASP Top 10 LLM
• Operating System
• Security Testing Approaches
• Terminology
• Threat Modeling
• Tools
• Vulnerabilities

Certifications

Explore various certifications that are valuable for penetration testers:

• CEH
• CISSP
• CompTIA Security+
• OSCP
• OSWE
• OSWP
• eJPT

Cloud

Learn about cloud security and related technologies:

• AWS
• Azure
• CIS Benchmark
• CloudSploit
• Conformity Knowledge Base
• Content Delivery Network (CDN)
• GCP
• Hybrid Cloud
• IaaS
• OCI
• PaaS
• Private Cloud
• Public Cloud
• SaaS
• ScoutSuite
• Serverless
• Top Cloud Security Risks

Compliance

Understand the various compliance frameworks:

• GDPR
• HIPAA
• ISO 27001
• PCI-DSS
• RBI

Cryptography

Explore cryptographic concepts and techniques:

• Certificate Authority (CA)
• Digital Signature
• Encryption and Decryption
• Hashing
• Obfuscation
• Public Key Infrastructure (PKI)
• SSL Handshake
• Salting

Labs

Get hands-on experience with various labs:

• Altoro Mutual
• HackTheBox
• Root Me
• TryHackMe
• VulHub
• Web Security Academy
• pwn.collage

Networking

Understand networking fundamentals and security:

• Common Protocols
• IDS
• IPS
• Network Topologies
• OSI Model
• Types of Networks
• VPN

OWASP Top 10

Explore the OWASP Top 10 vulnerabilities:

• Broken Access Control
• Cryptographic Failures
• Identification and Authentication Failures
• Injection
• Insecure Design
• OWASP Top 10
• SSRF
• Security Logging and Monitoring Failures
• Security Misconfiguration
• Software and Data Integrity Failures
• Vulnerable and Outdated Components

OWASP Top 10 LLM

Understand the OWASP Top 10 for Language Model Security:

• Excessive Agency
• Insecure Output Handling
• Insecure Plugin Design
• LLM OWASP Top 10
• Model Denial of Service
• Model Theft
• Overreliance
• Prompt Injection
• Sensitive Information Disclosure
• Supply Chain Vulnerabilities
• Training Data Poisoning

Operating System

Learn about different operating systems and their security:

• Android
• Linux
• MacOS
• Operating System Hardening
• Windows

Security Testing Approaches

Explore various security testing methodologies:

• DAST
• IAST
• SAST
• SCA
• Testing Approaches

Terminology

Understand key terminology used in security:

• CVE
• CVSS
• DMZ
• Defense in Depth
• Honeypots
• Jump Server
• MFA vs 2FA
• NIST Cybersecurity Framework
• OAuth 2.0
• SAML
• SIEM
• SSO

Threat Modeling

Learn about threat modeling methodologies:

• PASTA
• STRIDE
• Threat Modeling

Tools

Discover tools commonly used in penetration testing:

• Aircrack-ng
• Burp Suite
• Metasploit
• Nmap
• SQLMap
• Wireshark
• ZAP Proxy

Vulnerabilities

Understand different types of vulnerabilities:

• Buffer Overflow
• CSRF
• Clickjacking
• DNS Cache Poisoning
• Directory Traversal
• HTTP Parameter Pollution
• HTTP Request Smuggling
• Host Header Injection
• IDOR
• Insecure Deserialization
• LDAP Injection
• Open Redirect
• Privilege Escalation
• RCE
• Race Condition
• SQL Injection
• Server-Side Template Injection
• Session Fixation
• Session Hijacking
• Unrestricted File Upload
• XML Injection
• XSS
• XXE

---

Contributing

Contributions are welcome! If you would like to add more content or suggest improvements, please submit a pull request. All contributions will be reviewed by me before merging.