Pentester Guide

A Comprehensive Resource for Pentesters: Tools, Methodologies, Scripts, Certifications, Learning Resources, Labs, Career Opportunities, Entertainment, and Freelancing Tips.

Contents

• Important Notes
• Certifications
• Pentesting Practice Platforms
• Foss Labs
• Bug Bounty Hunting Platforms
• Independent Pentesting Platforms
• 0Day Market
• Operating System for Hacking
• Awesome Links
• Hackers Manuals
• About Me
• Sponsor

Important Notes

1. Tools
2. Active Directory
3. All about Pentesting
4. Bug Bounty Hunting Methodology
5. HackiFy Wordlist and Tool Installer Script
6. Cyber Security / Bug Bounty Hunting Roadmap

Certifications

1. INE eJPT $249
2. AlteredSecurity CRTP $249
3. HTB CPTS With Annual Silver Plan $490
4. TCM Security PNPT $499
5. INE eCPPT $599
6. Offensive Security - PEN-200 (OSCP) $1649
7. Offensive Security - PEN-300 (OSEP) $1649
8. Google Cybersecurity Professional Certificate Almost Free (Less than $20 for one month)
9. Microsoft Certified: Azure Security Engineer Associate (Cloud) $146
10. CompTIA Security+ $500 Exam Voucher
11. CREST CRT $500
12. ISC2 CISSP $750
13. ISC2 CCSP $599
14. SANS SEC560: Enterprise Penetration Testing (GPEN) $2,499
15. SANS SEC660: GIAC Exploit Researcher and Advanced Penetration Tester $2,499

Note: Price may vary.

Pentesting Practice Platforms

1. VulnHub (Offsec) Free
2. VulnMachines (BlackHat) Free
3. Web Security Academy (PortSwigger Labs) Free
4. TryHackMe Free + Paid
5. pwnable.kr Free
6. pwnable.tw Free
7. HackTheBox Free + Paid
8. https://sec-dojo.com/en Paid
9. root-me Free
10. PentesterAcademy (Attackdefence) Free + Paid
11. Pentester Lab Free + Paid

FOSS Labs

1. Vulhub
2. Metasploitable3 Box
3. OWASP Juice (WEB)
4. DVWA (WEB)
5. WebGOAT (WEB)
6. Kubernetes GOAT
7. Wrong Secrets (WEB)
8. SQLi Lab
9. HackerOne CTF
10. For More Check: Awesome Vulnerable App List

Bug Bounty Hunting Platforms

1. Hackerone
2. Bugcrowd
3. Intigriti
4. YesWeHack
5. RedStorm
6. Zerocopter
7. OpenBugBounty
8. Immunify Web3
9. HackenProof WEB3

Independent Pentesting Platforms

1. Yogosha
2. Synack
3. Cobalt

0Day Market

1. CrowdFense
2. Zerodium (0day Bounty)

Best OS for Hacking

1. ParrotSec Security Edition
2. Kali Linux (OFFSEC)
3. BlackArch
4. BackBox

Awesome Links

1. The Book of Secret Knowledge
2. Sirensecurity.io Windows Privilege Escalation Resources
3. Awesome Link List by Sindre Sorhus
4. cheatography.com cheatsheets

Hackers Manuals

1. HackTricks
2. HackingArticles.in
3. InternalAllTheThings by swisskyrepo
4. eloypgz.org Active Directory
5. ExplainShell (Command Manual)
6. Reverse Shell making Tool
7. Hashcat Example Hashes
8. GTFObins Priviledge Escalation Cheetsheet
9. LOLBAS Binaries, Scripts and Libraries Exploit
10. loldrivers Drivers Exploits
11. WADComs Windows AD Cheetsheat
12. Exploit List haxx.it

Books

1. The Web Applicaiton Hacker’s Handbook
2. Web Hacking Arsenal
3. Brute XSS Payload Collection By Rodolfo Assis
4. THERCEMAN Bug Bounty CheetSheat Book

About Me

Platform	Link
LinkedIn	LinkedIn.com/in/ZishanAdThandar
YouTube	YouTube.com/ZishanAdThandar
LinkTree	ZishanAdThandar.github.io/linktree
Twitter	twitter.com/ZishanAdThandar
Telegram	ZishanAdThandar.t.me
GitHub	GitHub.com/ZishanAdThandar
Portfolio	ZishanAdThandar.github.io
Resume	ZishanAdThandar.github.io/CV.pdf

Sponsor

1. https://github.com/sponsors/ZishanAdThandar
2. https://ZishanAdThandar.github.io/sponsor/