Submergenc3/RoadMap

GitBook: OSCP RoadMap

OSCP Roadmap:

Level 1 :

General Terminology:

• 100 Top Computer Security Questions and Answers

• 100 Top Networking Questions and Answers

• 10 things InfoSec professionals need to know about networking

Books :

• Volient Python

• Black Hat Python Intermediate Python

• Wireshark Essentials by James Baxter

• Kali Linux: Wireless Penetration Testing Beginner's Guide by Vivek Ramachandran (Author), Cameron Buchanan Beginners

Online Courses

• Volume I : The Complete Cyber Security Course by Nathan House Intermediate Level

• Volume II: The Complete Cyber Security Course by Nathan House --> Intermediate Level

• Volume III: The Complete Cyber Security Course by Nathan House --> Intermediate Level

• Volume IV: The Complete Cyber Security Course by Nathan House

• System Security: Basic to advance level course by infySEC UK (5 starts for the delivery of the concepts) --> Basic Level

• Malware and Security course by infySEC UK (5 starts for the delivery of the concepts) --> Intermediate Level

• CompTIA Security + Courses by PluralSight good for general concetps [1-6]

  • 1 DONE

• Web Application Penetration Testing Fundamentals by Mike Woolard pluralsight (90% Theory, 10% hands-on)

• Ethical Hacking: Hacking Web Applications by Troy Hunt Pluralsight - Theory

OS Commands:

Linux:

• 100 Common Linux Commands

Windows:

• Common Windows Commands

Git Commands

• Basic Git Commands

Programming & Scripting

Python

• Import Python - A collection of Python books from novice to expert

• Python for Beginners by Alex Bowers

• Complete Python BootCamp by Jose Portilla :

• Ultimate Python Programming Tutorial by Infinite Skills

• Introduction to Python for beginners

• Python Tutorials by Code Academy

• Treehouse Django Tutorials

• Django Tutorials for Beginners by NewBoston

• Django Tutorial: Build your first Fast & Free by BlueApple

• Python for Security

• Python Developer Career Path

JavaScript

• Free Code Camp

• Web Development BootCamp by Colt Steele (Udemy online Course)

• Ultimate Web Designer and Developer Course by Brad Hussey

• The Compelete Web Developer Course- Build 14 website v1.0 by Rob Percival

• JavaScript from Beginner to Expert by Arkadiusz Włodarczyk

• Projects in JavaScript & jQuery by Edonix

• The Complete BootStrap: Master Class Course Build 4 projects by Joe Parys

C Programming:

• C programming Tutorials by NewBoston

• Computer Systems programming in C by q Liu

• C Programming in Linux Tutorial by ShellWaveX

• C Programming Tutorials by the Bad Tutorials

Youtube:

• NMap 101 byHAK5 --> Basic Level

• Netcat by HAK5 -->Basic Level

Projects:

• Open Gate

• KeyPlexer

• Firewall Rules

       

---

Level 2:

Books:

• Effective Python for Penetration Testing by Rejah Rehim

  • Chapter9 : Automation of tools

• Linux Bible

• Google Dorks

  • Chapter2: Advanced Operators

 

Online Courses

• PTS Hands-on Courses

  Notes:

  • Networking

  • Web Application

  • Pentesting

  • Vulnerability Assessment

    • Metasploit Commands

  • Web Attacks:

    • Introduction

  • System Attacks

  • Network Attacks

• SQL Injection by Cybrary  Quick general overview about SQL injection[Not deep]

Tools &Commands :

• General Commands

• Nmap

• Ncat

• fping

• Telnet

• Open_SSL

• Dirbuster

• Nessus

• BurpSuite

• OWASP ZAP

• Wireshark

• Sysinternal whois

• p0f

• [Nexpose]

• [sQLmap]

• [Firebug]

• [OpenVas]

       

Level 3

PTP Roadmap by eLearningSecurity :

• Web Security

• Network Security

• System Security

• Wifi Security

• Ruby & Metasploit

 

Web Security :

Books:

• The Web Application Hacker's Handbook Finding and Exploiting Security Flaws Kindle Edition by Dafydd Stuttard - 2011 Level: Intermediate  

  • Chapter 9 Notes for SQL

  • Chapter 12 Noted for XSS

   

Courses:

• PTP NOTES

  • General Notes from PTP

  • SQL Notes:

  • XSS Notes:

• Learning Website Pentesting from scratch by Zaid Sabih Udemy Level: Beginners -- Intermediate

• Web Application Penetration Testing with Burp Suite By Sunny Wear PluralSight

• CEH Web Security Section by

• SQL Injection by Tron Hunt PluralSight

 

Hands-on:

• Pentesterlab

• Over The Wire - Natas

 

CheatSheet:

• XSS Payloads

• SQLInjections

• Extra Resources: Shell Uploads

• Extra Resources: Shell uploads

     

Network Security:

Courses:

• PTP
• CompTIA SY0-401 Security+ Certification by Professor Messer

Hands-on:

• Network Analysis By CyberSkyline (Cybrary)

• Log Analysis by CyberSkyline (Cybrary)

 

Books:

• The Network Security Test Lab: A Step-by-Step Guide

• The Web Application Hacker's Handbook Finding and Exploiting Security Flaws Kindle Edition by Dafydd Stuttard

• Burp Suite Essentials

• Nmap 6 Cookbook: The Fat Free Guide to Network Security Scanning

• Coding for Penetration Testers, Second Edition: Building Better Tools 2nd Edition

 

Extra Courses:

• Play by Play: Exploring the Internet of Vulnerabilities

• Debugging the Web with FireBug, WebDeveloper, and Fiddler By Shawn Wildermuth PluralSight

• Pentester Academy

• eCPPT Review

• eCPPT Review

• BREAKING INTO INFOSEC: A BEGINNERS CURRICULUM

     

Level 4

Reviews:

• Offensive Security Certified Professional (OSCP) Review by Jim Wilbur

• My experience with the OSCP certification Daniel Tomescu

• OSCP-prep

• OSCP Survival Guide

• OSCP by John Kennedy

• Abatchy Blog

• OSCP by techexam

• OSCP Review

• OSCP Prep

• Infosec Review

• oscp Review

• A Detailed Guide on OSCP Preparation – From Newbie to OSCP