-
Learning Programing language (PHP, JS, MySQL)
- PHP: it will help to understand the applications so you should know it well
- JS: It will not just help you with JS and making new payloads, but it will make you to dig deep with the JS files it will give you some Cool things.
- MySQL: this will help to understand the SQL injection and making right queries when you trying to exploit.
-
Understand the vulnerabilities
- You should know what is the vulnerability, What Code makes this vulnerability, How to find this vulnerability in Applications, and How to solve it.
-
Playing CTF
- CTFs is have some real world examples for a vulnerabilities or CVEs or some new exploits you will know from it.
-
Do some Bug Hunting and this website will help BugBountyHunter.
- Watch this Methodology by Jason Haddix.
- Initially, you can start with hunting on programs that offer points to gain experience.
-
You can take eWAPTx & eWAPT
- eWAPT: it will be a good one in the beginning because it has some basics about Web Pen-Testing.
- eWAPTx: this one is advanced one you can start with it when you be at least good with the vulnerabilities and the matriales in eWAPT.
-
Web Pen-Testing Course by Ebrahem Hegazy (Arabic Course)
- This will help you to understand the vulnerabilities, how to send a right report, and will Bug Hunting live.
-
Network+
- It will make you understand network, Design and implement functional networks, and implement network security standard and protocols.
-
Linux+
- You will understand linux and how to use it from this course.
-
TCM TheCyberMentor Course
-
Scripting with Python or Bash
- Use any scripting language it will be you with automation.
-
Understanding Operating systems windows/linux (You can take OS course)
- taking a OS course it will make you understand the OS kernal and Memory Management.
-
Practice (it will be hard at first but after some tries, it will be okay)
- Solve machines on Vulnhub
- Solve machines on Hackthebox
-
Basic knowledge of Reverse Engineering
-
Certificates
- PTS (Beginners)
- PTP
- PTX
- OSCP
-
Learning Java & Create mobile apps to Practice
-
Basics of Linux (you can use this Book)
-
eMAPT Course (Its very basics)
- This is not the best one but it will give you the first step but it's not all think
-
SEC575 from SANS
-
FOR585 from SANS
-
Good Blog as Reference
-
To Practice you can try some Bug Bouny Hunt on programs use Mobile Apps
- This is a Roadmap from Muhammed Talaat
- How to Build Your Career in Malware Analysis (Arabic Session)