TryHackMe
JR PENETRATION TESTER PATH:
Practical skills necessary to perform security assessments against web applications and enterprise infrastructure.
Cybersecurity, Pentesting and Web Hacking basics covering testing techniques and metodologies;
Passive and active retwork reconnaissance, common protocols and their attack vectors;
Skills, research methods and resources used to exploit vulnerable applications and systems;
Fundamental techniques to elevate account priviliges in Linux and Windows systems;
WEB FUNDAMENTALS PATH
Understand how web applications work, utilisation of industry standard tooling when attacking web applications and exploit of common web vulnerabilities including OWASP:
Content Discovery, Subdomain Enumeration, Authentication Bypass, IDOR, File Inlusion, SSRF, XSS, Command Injection, SQL injection;
SOC LEVEL 1 PATH:
Detecting and analysing traffic anomalies, mornitoring of endpoints for threats, utilization of SIEM tools to handle incidents and investigation of forensic artefacts:
Knowledge of the different frameworks such as Pyramid of Pain, Cyber Kill Chain, Unified Kill Chain, Diamond Model and MITRE;
Use of Cyber Threat Intelligence and network security and traffic analysis.
Endpoint security monitoring, creation of simple and advance search queries to look for specific answers from the ingested logs;
Digital forensic and incident response including how to analyze and defend against phising;
Last updated