├── CPEH Preparation by Joas (unofficial).xmind
└── README.md


/CPEH Preparation by Joas (unofficial).xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CyberSecurityUP/PNPT-Preparation-Guide/HEAD/CPEH Preparation by Joas (unofficial).xmind


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # PNPT-Preparation-Guide (Unofficial)
  2 | PNPT Exam Preparation - TCM Security
  3 | 
  4 | ## OSINT/Information Gathering
  5 | 
  6 | ### https://academy.tcm-sec.com/p/osint-fundamentals
  7 | 
  8 | ### https://osintframework.com/
  9 | 
 10 | ### https://github.com/jivoi/awesome-osint
 11 | 
 12 | ### https://github.com/tracelabs/awesome-osint
 13 | 
 14 | ### https://github.com/lockfale/OSINT-Framework
 15 | 
 16 | ### https://github.com/topics/information-gathering
 17 | 
 18 | ### https://www.kyylee.com/oscp-notes/active-information-gathering
 19 | 
 20 | ### https://github.com/s0wr0b1ndef/Offsec-Exam-Cheatsheet/blob/master/Info%20Gathering.md
 21 | 
 22 | ### https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
 23 | 
 24 | ### https://www.securitymadesimple.org/cybersecurity-blog/active-vs-passive-cyber-reconnaissance-in-information-security
 25 | 
 26 | ### https://www.youtube.com/watch?v=eIdVtCQSa3s
 27 | 
 28 | ### https://www.youtube.com/watch?v=jg33HUfgTaI
 29 | 
 30 | ### https://www.dummies.com/test-prep/passive-information-gathering-for-pentesting/
 31 | 
 32 | ### https://www.dummies.com/test-prep/active-information-gathering-for-pentesting/
 33 | 
 34 | ### https://academy.osintcombine.com/p/tracelabstraining
 35 | 
 36 | ### https://literacybasics.ca/strategic-planning/strategic-planning-assesssment/overview-and-information-gathering-tools/
 37 | 
 38 | ### https://linuxhint.com/best-information-gathering-tools-in-kali-linux/
 39 | 
 40 | ### https://www.udemy.com/course/information-hacking/
 41 | 
 42 | ### https://www.udemy.com/course/the-art-of-reconnaissance-information-gathering-techniques/
 43 | 
 44 | ### https://www.udemy.com/course/information-gathering-phase-1-of-cyber-security/
 45 | 
 46 | ### https://github.com/BullsEye0/dorks-eye
 47 | 
 48 | ### https://www.exploit-db.com/google-hacking-database
 49 | 
 50 | ### https://securitytrails.com/blog/google-hacking-techniques
 51 | 
 52 | ### https://github.com/leonjza/awesome-nmap-grep
 53 | 
 54 | ### https://github.com/paralax/awesome-internet-scanning
 55 | 
 56 | ### https://nmap.org/
 57 | 
 58 | ## Exam Report Writer
 59 | 
 60 | ### https://www.youtube.com/watch?v=OKN5pUgQKIM
 61 | 
 62 | ### https://www.youtube.com/watch?v=EOoBAq6z4Zk
 63 | 
 64 | ### https://www.youtube.com/watch?v=NEz4SfjjwvU
 65 | 
 66 | ### https://cobalt.io/blog/how-to-write-an-effective-pentest-report-vulnerability-reports
 67 | 
 68 | ### https://www.tutorialspoint.com/penetration_testing/penetration_testing_report_writing.htm
 69 | 
 70 | ### https://www.sans.org/white-papers/33343/
 71 | 
 72 | ### https://www.hebergementwebs.com/penetration-test-tutorial/penetration-testing-report-writing
 73 | 
 74 | ### https://searchsecurity.techtarget.com/tip/3-tips-for-writing-a-quality-penetration-testing-report
 75 | 
 76 | ## My Social Medias
 77 | 
 78 | ### https://www.linkedin.com/in/joas-antonio-dos-santos
 79 | 
 80 | ### https://twitter.com/C0d3Cr4zy
 81 | 
 82 | ## Web Application PenTest
 83 | 
 84 | ### https://github.com/PacktPublishing/Mastering-Modern-Web-Penetration-Testing
 85 | 
 86 | ### https://github.com/infoslack/awesome-web-hacking
 87 | 
 88 | ### https://github.com/qazbnm456/awesome-web-security
 89 | 
 90 | ### https://github.com/wtsxDev/List-of-web-application-security/blob/master/README.md
 91 | 
 92 | ### https://github.com/kaiiyer/web-app-pentesting
 93 | 
 94 | ### https://portswigger.net/web-security
 95 | 
 96 | ### https://github.com/CyberSecurityUP/eWPTX-Preparation
 97 | 
 98 | ### https://github.com/hahwul/WebHackersWeapons
 99 | 
100 | ### https://github.com/thehackingsage/hacktronian
101 | 
102 | ### https://www.mindmeister.com/pt/1746180947/web-vulnerability-by-joas-antonio
103 | 
104 | ## Vulnerability Scanning and Exploitation
105 | 
106 | ### https://github.com/enaqx/awesome-pentest
107 | 
108 | ### https://github.com/Muhammd/Awesome-Pentest
109 | 
110 | ### https://githubmemory.com/repo/vip2ip/awesome-pentester
111 | 
112 | ### https://github.com/S3cur3Th1sSh1t/Pentest-Tools
113 | 
114 | ### https://github.com/We5ter/Scanners-Box
115 | 
116 | ### https://github.com/skavngr/rapidscan
117 | 
118 | ### https://www.openvas.org/
119 | 
120 | ### https://www.zaproxy.org/
121 | 
122 | ## Pivoting - Windows/Linux
123 | 
124 | ### https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Network%20Pivoting%20Techniques.md
125 | 
126 | ### https://github.com/RedTeamOperations/PivotSuite
127 | 
128 | ### https://github.com/0x36/VPNPivot
129 | 
130 | ### https://github.com/zxlim/pivot-tunnel
131 | 
132 | ### https://github.com/sshuttle/sshuttle
133 | 
134 | ### https://github.com/rsmudge/Layer2-Pivoting-Client
135 | 
136 | ### https://github.com/pha5matis/Pentesting-Guide/blob/master/port_forwarding_and_tunneling.md
137 | 
138 | ### https://github.com/quantumcore/maalik
139 | 
140 | ### https://github.com/mis-team/rsockspipe
141 | 
142 | ### https://github.com/740i/pentest-notes/blob/master/pivoting.md
143 | 
144 | ### https://github.com/jpillora/chisel
145 | 
146 | ## Exam Details
147 | 
148 | ### Practical exam, no multiple choice
149 | 
150 | ### Use any tool you want, seriously
151 | 
152 | ### 5 days for testing, 2 days report writing
153 | 
154 | ### $299 standalone exam
155 | 
156 | ### $399 exam with training
157 | 
158 | ### Veteran and student discounts available
159 | 
160 | ### https://certifications.tcm-sec.com/
161 | 
162 | ### https://mattschmidt.net/2021/05/04/tcm-cpeh-exam-certification-review/
163 | 
164 | ### https://www.youtube.com/watch?v=2jhyPg-yzzs
165 | 
166 | ## Buffer Overflow
167 | 
168 | ### https://github.com/gh0x0st/Buffer_Overflow
169 | 
170 | ### https://github.com/johnjhacking/Buffer-Overflow-Guide
171 | 
172 | ### https://github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst
173 | 
174 | ### https://github.com/justinsteven/dostackbufferoverflowgood
175 | 
176 | ### https://github.com/V1n1v131r4/OSCP-Buffer-Overflow
177 | 
178 | ### https://github.com/joshua17sc/Buffer-Overflows
179 | 
180 | ### https://github.com/CyberSecurityUP/AWESOME-EXPLOIT-DEVELOPMENT
181 | 
182 | ## Windows PenTest
183 | 
184 | ### https://hausec.com/2019/03/05/penetration-testing-active-directory-part-i/
185 | 
186 | ### https://www.pentesteracademy.com/activedirectorylab
187 | 
188 | ### https://www.udemy.com/course/active-directory-red-team-hacking/
189 | 
190 | ### https://www.youtube.com/watch?v=BjKcBwkSupY
191 | 
192 | ### https://book.hacktricks.xyz/windows/active-directory-methodology
193 | 
194 | ### https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
195 | 
196 | ### https://github.com/balaasif6789/AD-Pentesting
197 | 
198 | ### https://drive.google.com/file/d/1pb_8i_kc68P_RksLPUFEi9TJwAH_wqvI/view?usp=sharing
199 | 
200 | ### https://drive.google.com/file/d/1Hjq_Hc8dQEF_ZhNFtGMrl2GELoryboyW/view?usp=sharing
201 | 
202 | ### https://drive.google.com/file/d/1znezUNtghkcFhwfKMZmeyNrtdbwBXRsz/view?usp=sharing
203 | 
204 | ### https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
205 | 
206 | ### https://0xsp.com/offensive/privilege-escalation-cheatsheet
207 | 
208 | ### https://pentest.tonyng.net/windows-privilege-escalation-a-cheatsheet/
209 | 
210 | ### https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html
211 | 
212 | ### https://www.fuzzysecurity.com/tutorials/16.html
213 | 
214 | ### https://www.hackingdream.net/2020/03/windows-privilege-escalation-cheatsheet-for-oscp.html
215 | 
216 | ### https://book.hacktricks.xyz/windows/windows-local-privilege-escalation
217 | 
218 | ### https://joshruppe.com/basic-windows-enumeration/
219 | 
220 | ### https://www.noobsec.net/privesc-windows/
221 | 
222 | ### https://www.bytefellow.com/windows-privilege-escalation-cheatsheet-for-oscp/
223 | 
224 | ### https://github.com/frizb/Windows-Privilege-Escalation
225 | 
226 | ### https://github.com/netbiosX/Checklists/blob/master/Windows-Privilege-Escalation.md
227 | 
228 | ### https://github.com/carlospolop/winPE
229 | 
230 | ### https://lolbas-project.github.io/
231 | 
232 | ## Linux PenTest
233 | 
234 | ### https://github.com/ankh2054/linux-pentest
235 | 
236 | ### https://github.com/MrPineMan/Awesome-Reverse-Shell
237 | 
238 | ### https://github.com/lukechilds/reverse-shell
239 | 
240 | ### https://github.com/WangYihang/Reverse-Shell-Manager
241 | 
242 | ### https://github.com/nodauf/Girsh
243 | 
244 | ### https://github.com/mzfr/rsh
245 | 
246 | ### https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite
247 | 
248 | ### https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
249 | 
250 | ### https://johnjhacking.com/blog/linux-privilege-escalation-quick-and-dirty/
251 | 
252 | ### https://0xsp.com/offensive/privilege-escalation-cheatsheet
253 | 
254 | ### https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_-_linux.html
255 | 
256 | ### https://www.hackingarticles.in/privilege-escalation-cheatsheet-vulnhub/
257 | 
258 | ### https://blog.thehackingnomad.com/cheat-sheet-series/privesc-linux
259 | 
260 | ### https://gtfobins.github.io/
261 | 
262 | ## Lateral Movement - Windows/Linux 
263 | 
264 | ### https://riccardoancarani.github.io/2019-10-04-lateral-movement-megaprimer/
265 | 
266 | ### https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f
267 | 
268 | ### https://www.ired.team/offensive-security/lateral-movement
269 | 
270 | ### https://pentestlab.blog/2020/07/21/lateral-movement-services/
271 | 
272 | ### https://www.varonis.com/blog/penetration-testing-explained-part-iv-making-the-lateral-move/
273 | 
274 | ### https://logrhythm.com/blog/what-is-lateral-movement-and-how-to-detect-it/
275 | 
276 | ### https://github.com/MicrosoftDocs/ATADocs/blob/master/ATPDocs/playbook-lateral-movement.md
277 | 
278 | ### https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/ATT%26CK-Stuff/ATT%26CK/Lateral%20Movement.md
279 | 
280 | ### https://redcanary.com/blog/lateral-movement-with-secure-shell/
281 | 
282 | ### https://mrw0r57.github.io/2020-05-31-linux-post-exploitation-10-4/
283 | 
284 | ### https://ivanitlearning.wordpress.com/2019/02/10/linux-exploitation-lateral-movement/
285 | 
286 | ### https://azeria-labs.com/lateral-movement/
287 | 
288 | ## Courses TCM
289 | 
290 | ### https://academy.tcm-sec.com/p/osint-fundamentals
291 | 
292 | ### https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course
293 | 
294 | ### https://academy.tcm-sec.com/p/linux-privilege-escalation
295 | 
296 | ### https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners
297 | 
298 | ## Laboratory
299 | 
300 | ### https://tryhackme.com/
301 | 
302 | ### https://www.hackthebox.eu/
303 | 
304 | ### vulnhub.com
305 | 
306 | ### vulnmachines.com
307 | 
308 | ### https://www.mindmeister.com/pt/1781013629/the-best-labs-and-ctf-red-team-and-pentest
309 | 
310 | 


--------------------------------------------------------------------------------