Learning Tracks
Your roadmap to real skills.
Many tracks and dozens of sub-tracks. Every track starts with a free intro lesson.
Learning Tracks
Many tracks and dozens of sub-tracks. Every track starts with a free intro lesson.
Ethics and the Law (Mandatory First)
Internalise the legal frame for authorized testing before learning any technique.
What is Penetration Testing?
Understand ethical hacking, black/white/gray box testing types, and legal considerations.
Reconnaissance and Information Gathering
Use passive and active reconnaissance techniques including OSINT, Nmap, and DNS enumeration.
Scanning and Enumeration
Study port scanning and service enumeration in depth to identify potential entry points.
Exploitation Basics
Learn common exploit types and use Hydra for password attacks against practice targets.
Web Application Penetration Testing
Test web apps with BurpSuite for SQL injection and XSS using PicoCTF web challenges.
Post-Exploitation and Reporting
Learn post-exploitation concepts, privilege escalation, and write a professional pen test report.
Advanced Tools and CTF Practice
Use Wireshark and Nmap NSE scripts and complete a full CTF machine from start to finish.
Penetration Testing Resources and Next Steps
Explore curated resources, certifications (PenTest+, eJPT, OSCP, CEH), and CTF platforms.
Passion Project: HTB Starting Point Walkthrough
Complete an HTB Starting Point machine end-to-end and produce the professional pentest report.
Penetration Testing Job Readiness
Translate pentest skills into a resume, portfolio plan, and interview prep for junior pentest roles.