Learning paths
A guided progression from networking fundamentals to specialized offensive and defensive tracks. Pick a path or follow them in order.
- stage 01
Foundations
Build the bedrock every security professional needs: TCP/IP, the Linux command line, and scripting fundamentals in Python.
BeginnerCompTIA Security+TCP/IPBashPythonWireshark3 modules · 42hEnter path - stage 02
Reconnaissance & Scanning
Learn passive and active reconnaissance — strictly within authorized scope — using Nmap, Amass, and OSINT tooling.
BeginnereJPTOSINTNmapAmassScope rules2 modules · 28hEnter path - stage 03
Web Application Security
Hands-on exploration of injection, auth, access control, SSRF and more — defending and attacking with permission.
IntermediatePNPTOWASPBurp SuiteSQLiXSSSSRF3 modules · 56hEnter path - stage 04
Network Exploitation
Internal network attack chains: SMB, Kerberos, Active Directory abuse — performed only in licensed lab environments.
AdvancedOSCPActive DirectoryKerberosPivotingC22 modules · 64hEnter path - stage 05
Privilege Escalation
Identify misconfigurations, kernel quirks, and credential reuse leading to elevation — with mitigation guidance.
AdvancedOSCPLinPEASWinPEASToken abuse2 modules · 36hEnter path - stage 06
Reporting & Professional Practice
Engagement scoping, rules of engagement, executive summaries, CVSS, and remediation guidance.
IntermediatePNPTReportingCVSSScopingCommunication1 modules · 18hEnter path - stage 07
Specialization: Cloud Security
IAM misconfig, metadata services, container escapes — and the controls that stop them.
AdvancedCEHAWS IAMK8sContainer security1 modules · 40hEnter path - stage 08
Specialization: Mobile & IoT
Reverse engineering mobile apps and probing IoT firmware in lab conditions.
ExpertCEHFridaMobSFFirmware1 modules · 48hEnter path