Become a Certified Penetration Tester

Draw and label different network topologies

Calculate subnets for given IP ranges

Match protocols to their functions (e.g., HTTP, FTP, DNS)

Diagram a basic web architecture

Network topology simulation in Cisco Packet Tracer

Capturing and analyzing packets with Wireshark

Install Kali/Parrot OS on VMware

Practice most common Linux commands (e.g., ls, cd, cat)

List running processes and terminate a specific process

Configuring different servers in Linux

Configure a static IP address in Linux

Write and execute a "Hello, World!" Bash script

Take user input (e.g., name, age) and display a personalized message

Use if-else statements to check if a directory exists

Write a backup script using date-stamped filenames

Create a Bash script to run basic pentesting tools

Use while and until loops to repeatedly check a service status

Develop a script to enumerate live hosts in a subnet using ping sweep

Navigate Windows using Command Prompt and PowerShell

List and manage local users and groups via PowerShell

Create a new user, assign permissions, and verify access rights

Use Event Viewer to locate and analyze failed login attempts

Start and stop Windows services using command-line tools

Configure Windows Firewall rules using PowerShell

Explore and analyze Windows system logs

Practice basic PowerShell scripting for system automation

Encrypt a file using VeraCrypt

Generate a hash with HashCalc

Analyze a cipher with CyberChef

Perform disk encryption and decryption using VeraCrypt

Perform Google Dorking to locate publicly exposed data

Use WHOIS to gather domain ownership and registration details

Run DNS enumeration using nslookup or dig

Identify open directories using dirb or gobuster

Map relationships and organizations using Maltego

Conduct a complete reconnaissance exercise using Recon-ng and theHarvester on a target domain

Run a basic Nmap scan to identify open ports

Perform banner grabbing on a target service

Identify OS using Nmap options

Compare scan results from Angry IP Scanner and Zenmap

Execute a comprehensive Nmap scan with OS detection and service enumeration

Using Different Scanning techniques to scan beyond firewall

Run an Nmap script for SMB enumeration

Perform NetBIOS enumeration on a target

Query an SNMP service using SNMPwalk

Extract LDAP attributes using LDAPsearch

List common enumerated protocols and their risks

Enumerate a target system using enum4linux and Nmap scripts

Run a basic Nikto scan on a web server

Identify CVEs for a known vulnerability

Compare Nessus and OpenVAS scan outputs

Categorize vulnerabilities by severity

Perform a vulnerability scan using OpenVAS and generate a report

Capture HTTP traffic with Wireshark

Identify clear-text credentials in packets

Perform ARP spoofing in a lab with Ettercap

List sniffing countermeasures

Sniff and analyze network traffic using Wireshark in a lab environment

Crack a password hash using John the Ripper, Hashcat

Use Hydra to brute-force services

Use Mimikatz to extract credentials

Crack NTLM & Linux Shadow hashes

Exploit a system vulnerability using Metasploit and escalate privileges

Perform manual exploitation of a vulnerable Linux service

Establish a reverse shell using Netcat

Identify privilege escalation vectors with WinPEAS , LinPEAS

Enumerate users and groups

Perform Kerberoasting and crack service tickets offline

Extract hashes using Mimikatz and reuse them (Pass-the-Hash)

Visualize AD relationships and privilege paths using BloodHound

Simulate lateral movement across systems

Abuse Group Policy Preferences to recover stored passwords

Generate and use a Golden Ticket with Mimikatz

Set up a local vulnerable WordPress site

Use wpscan to enumerate users, plugins, and known CVEs

Upload a malicious plugin and gain shell access

Manually brute-force the wp-admin login panel

Exploit a vulnerable theme

Analyze and test a sample REST API using Postman

Intercept and manipulate API calls with Burp Suite

Exploit an IDOR vulnerability to access another user's data

Simulate a brute-force attack on API authentication endpoints

Perform API fuzzing using Burp or custom scripts

Extract strings from a binary using Strings

Analyze a file with PEStudio

Submit a sample to VirusTotal for analysis

Compare system snapshots with Regshot

Conduct malware analysis in a sandbox environment using Remnux

Extract and document IOCs from a dynamic analysis report

Use PEStudio or Strings to identify suspicious artifacts

Create a basic YARA rule to match a known malware pattern

Design and send a simulated phishing campaign

Create a phishing landing page using SEToolkit or Gophish

Conduct a USB drop test using Rubber Ducky, etc

Disassemble a simple binary using Ghidra

Analyze a keygen or crackme challenge

Unpack and analyze a packed executable

Configure AWS CLI for basic tasks

List cloud service models (IaaS, PaaS, SaaS)

Identify cloud misconfigurations

Recommend cloud security controls

Perform a cloud security audit using AWS CLI in a lab environmen

Perform a firmware analysis using binwalk

Simulate a Modbus traffic sniff using Wireshark

Enumerate IoT devices on a local network

Identify vulnerabilities in a smart device (e.g., IP camera or router)

Reverse a simple binary and retrieve a flag

Use CyberChef to decode common encodings

Write a detailed solution for one solved challenge

Participate in a team-based mini-CTF

Solve beginner to medium level CTF challenges from different platforms