In-depth reading material across all cybersecurity domains. Structured into learning paths from beginner to expert.
Start from zero β navigation, files, permissions, processes, bash basics.
Windows OS, registry, services, file system, and PowerShell basics.
TCP/IP, subnetting, DNS, routing, OSI model, and packet analysis.
How HTTP works: methods, headers, cookies, proxies, and Burp basics.
Variables, functions, loops, file I/O, and scripting for automation.
Shell scripting, conditionals, loops, and automation on Linux.
Kali toolset, configuration, and staying organised during engagements.
The CIA triad, threat actors, vulnerability lifecycle, and security frameworks.
What pentesting is, legal context, scope, phases, and methodology.
Google dorking, Shodan, WHOIS, theHarvester, Maltego, and recon reports.
Scope documents, rules of engagement, and lab environment configuration.
Full pentest lifecycle: recon β scan β exploit β post-exploit β report.
Nessus, OpenVAS, prioritisation frameworks, and CVSS scoring.
Executive summaries, technical findings, remediation tables, and templates.
How CTFs work, common categories, tools, and tips for first-timers.
Client-server model, web technologies, cookies, sessions, and same-origin policy.
HTML structure, CSS, forms, and JavaScript basics for web security context.
In-band, blind, and out-of-band SQLi with manual and automated exploitation.
OWASP Top 10, Burp Suite advanced usage, and web pentest methodology.
Complete web attack track: injection, authentication, client-side, and serialisation.
Advanced techniques: request smuggling, deserialization, prototype pollution, and more.
HackerOne/Bugcrowd methodology, triaging, report writing, and maximising payouts.
CMD and PowerShell commands, scripts, and automation for enterprise environments.
AD architecture, objects, Kerberos, NTLM, GPOs, and trusts before attacking AD.
Deep dive into AD administration, enumeration, and attack paths.
BloodHound, PowerView, Kerberoasting, ASREPRoasting, and DACL abuse.
Full enterprise pentest from external recon to domain dominance.
C2 frameworks, tradecraft, OPSEC, persistence, and advanced lateral movement.
AV evasion, EDR bypass, AppLocker, AMSI bypass, and living-off-the-land.
SUID, sudo, services, tokens, DLL hijacking β complete privesc reference.
Wireshark, tcpdump, protocol analysis, and detecting anomalies in traffic.
SOC workflow, alert triage, SIEM platforms, and escalation procedures.
Complete SOC analyst track: detection, response, and documentation.
Writing detection rules, YARA, Sigma, and tuning for low false positive rates.
Hypothesis-driven hunting, data sources, TTP mapping, and Elastic/Splunk.
Evidence acquisition, chain of custody, disk and memory forensics fundamentals.
Incident lifecycle, communication, containment, eradication, and post-mortems.
Complete incident response from detection to lessons learned.
Static and dynamic analysis, sandboxes, deobfuscation, and IOC extraction.
Volatility 3, process analysis, code injection detection, and rootkit hunting.
x86/x64 assembly, registers, calling conventions, and reading disassembly.
Memory layout, protections (ASLR, NX, canaries), and exploitation primitives.
Stack overflows, SEH, egghunters, shellcoding on 32-bit Windows.
Heap exploitation, kernel basics, ROP chains, and 64-bit exploits.
ML/LLM concepts, AI system architecture, and threat landscape for AI.
Testing AI systems for vulnerabilities, prompt injection, and jailbreaks.
Using AI for phishing generation, log analysis, vulnerability research, and automation.
Advanced adversarial attacks on AI systems, data poisoning, and model extraction.
ES6+, DOM, async/await, and security implications of JavaScript.
SELECT, INSERT, JOIN, subqueries, and understanding SQL for injection attacks.
Memory management, pointers, and C++ for understanding binary vulnerabilities.
Java OOP, JVM, serialisation, and security-relevant Java concepts.
.NET, C# basics, and Windows development context for security work.
Input validation, output encoding, and secure SDLC practices.
Secure Java coding patterns, OWASP Java guidance, and code review.
Sockets, subprocess, ctypes, pwntools, and offensive Python scripting.
AWS IAM, S3 misconfigs, IMDS exploitation, IAM privesc, and cloud hardening.
Container escapes, Docker socket abuse, image scanning, and Kubernetes security.
CCNA syllabus: switching, routing, VLANs, ACLs, and network fundamentals.
WPA2/WPA3, evil twin, deauth attacks, captive portal bypass, and WPS attacks.
Android architecture, ADB, APK analysis, and mobile application security.
Symmetric, asymmetric, hashing, PKI, TLS, and common crypto weaknesses.
Phishing, vishing, pretexting, physical intrusion, and building awareness defences.