Web Penetration Testing Roadmap

Roadmap’s Goals

Track: Penetration Testing

Study Time: 20 Hours / Week

Skills and Knowledge Gained:

All Skills and Knowledge to be an Intermediate Web Application Penetration Tester

For details: See the Topics under every stage below ↓

Initial Background of the Learner

• Has an overview of Cyber Security Fields and He is interested in Penetration Testing
• Resources to get the required knowledge before starting.
  • YT Video — Cybersecurity from zero to hero | Mohammad Khreesha.
  • YT Playlist — How to start in Information Security Field | Nakerah Network
  • FB Post — How to start in Information Security Field | Ebrahem Hegazy
  • YT Video — Penetration testing in corporates and high secured | Muhammad Gamal
• The Secret step-by-step Guide to learn Hacking

Learner’s Level at the End of the Roadmap

a Professional Web Application Penetration Tester

Before Starting

Prerequisites

• Good English ( Reading and Listening )
• Researching Skills ( Use Google when you face any problem )
• Some Notes to Keep in Mind.
  • You should study continuously if you are a beginner or even an expert, every day there are new updates in many technologies and new techniques are discovered.
  • All links provided are my recommendation which may not be the best for everyone, so you could change any of them if you found a better resource.

Important Q&A

1. What do we learn in the first stage(Pre-Security)?

   We will learn the core skills that are needed to be a Penetration Tester, those skills are also the core skills for many IT Jobs.

2. Is this the best roadmap for a Penetration Tester?

   • You should know that the Cyber Security path is not easy and it takes time and there is no clear path for it that makes you an expert.
   • Keep in mind that the difficulty you face while learning is the same as others so all of us will struggle with being better in this field(we are equal).

---

Pre-Security

In this stage, we will learn about three core topics and gain some knowledge about the technologies we will face most of the time.

• Topics
• Week 1
• Week 2
• Week 3
• Week 4
• Week 5
• Week 6

Beginner

Here, We will get into simple tasks of the Penetration Tester that will help us know if the track suits us.

• Topics
• Week 07
• Week 08
• Week 09
• Week 10
• Week 11
• Week 12
• Week 13
• Week 14

Intermediate

In this stage, we will learn new vulnerabilities, deep dive into the OWASP Top 10, and get more hands-on experience.

• Topics
• Week 15
• Week 16
• Week 17-28
• Week 29-38
• Week 39-45

Advanced

• Topics
• Week 46
• Week 47
• Week 48-57
• Week 58-60

---

What should I do now?

If you are here that means you gained many powerful skills and a good amount of knowledge as a Penetration Tester, now you have to look for needed skills to be a Junior Penetration Tester, from requirements on LinkedIn for many Penetration Testing jobs you will know that you have to study one or more of these topics with what you studied now.

• Mobile App Penetration Testing
• Network Penetration Testing
• Other

You may also hear about Bug Bounty Hunting, If you are interested I will add resources soon.