1. step 0
    1. Network+ (Learn basic concepts about networks, including TCP/IP and OSI models.)Basic cybersecurity concepts such as the CIA Triad (Confidentiality, Integrity, Availability), and principles like least privilege and defense in depth.
    2. Topics: Basic network concepts, TCP/IP, OSI model
    3. Tools: Wireshark, Nmap
    4. References: "Network+ Guide to Networks" by Jill West and Tamara Dean
    5. CompTIA Network+ / N10-008
    6. CompTIA Security+ /
  2. step 1
    1. LPIC 1 (Learn how to operate the Linux OS, aiming to work with distributions like Kali Linux.)
    2. Topics: Linux command line, file systems, shell scripting
    3. Tools: Kali Linux, Bash scripting
    4. LPIC-1/CompTIA Linux+ Certification
    5. Linux Professional Institute LPIC-1
  3. step 2
    1. LPIC 2 (Learn how Linux services work and running services, with the goal of operating red team infrastructure proficiently and managing Linux services for red team exercises.)
    2. Topics: Linux services, system administration
    3. Tools: Systemd, Apache, SSH
    4. Linux Professional Institute Certification LPIC-2
    5. Linux Professional Institute LPIC-2
  4. step 3
    1. MCSA/MCSE (Focus more on Active Directory, Kerberos, LDAP, group policy, and other Windows services like IIS, DNS, DHCP, file server, etc. Understand service operations and alterations for red team exercises.)
    2. Topics: Active Directory, Group Policy, Windows Server management
    3. Tools: Active Directory Users and Computers, PowerShell
    4. MCSA, MCSD, MCSE certifications
  5. step 4
    1. CCNA (Learn concepts like NAT, firewall, ACL, VLAN, routing, switching.)
    2. Topics: Network concepts, routing, switching, VLANs
    3. Tools: Cisco Packet Tracer, GNS3
    4. CCNA Routing and Switching Complete Study Guide
  6. step 5
    1. Programming in C/C++, Python, Bash, PowerShell (As a red teamer, you might develop or customize tools. For TTP tests, proficiency in at least C++ is necessary. For advanced goals like developing C2, C/C++ assembly knowledge is beneficial. Additionally, familiarity with C# is advantageous.)
    2. Topics: Basic programming concepts, scripting, automation
    3. Automate the Boring Stuff with Python
    4. Programming in C
    5. Tools: Visual Studio Code, Git
    6. Black Hat Python
    7. Black Hat Bash
    8. ADVANCED POWERSHELL FOR OFFENSIVE OPERATIONS
    9. Offensive C#
  7. step 6
    1. OWASP Top 10 Web/API (As a red teamer, understanding common vulnerabilities in web applications and APIs is crucial. Exploiting web or API services is integral to some IA techniques.)
    2. Topics: Web application vulnerabilities, API security
    3. The Web Application Hacker's Handbook
    4. Tools: Burp Suite, OWASP ZAP
    5. OWASP Top 10 API Security Risks
    6. OWASP Top Ten
    7. OWASP Web Security Testing Guide
    8. SEC542: Web App Penetration Testing and Ethical Hacking
  8. step 7
    1. Network Penetration Testing (Red teamers should be proficient in discovering vulnerabilities using scanners and exploiting known vulnerabilities.)
    2. Topics: Vulnerability scanning, exploit development, wireless hacking, cloud hacking
    3. Metasploit: The Penetration Tester's Guide
    4. Tools: Metasploit, Nessus
    5. SEC560: Enterprise Penetration Testing
    6. SEC580: Metasploit for Enterprise Penetration Testing
    7. SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
  9. step 8
    1. Windows Internals (Understanding Windows internals is essential before delving into working with tools or exploiting AD.)
    2. Topics: Windows architecture, registry, processes
    3. Windows Internals: System architecture, processes, threads, memory management, and more, Part 1
    4. Tools: Process Explorer, Registry Editor
    5. Windows Internals, Part 1: User Mode
  10. step 9
    1. Linux Internals (In enterprise networks, Linux OSes are prevalent. Red teamers should be familiar with Linux internals for exercises.)
    2. Topics: Linux kernel, system calls, memory management
    3. Understanding the Linux Kernel
    4. Tools: strace, sysdig
    5. Linux Internals Simplified: A beginners guide to Linux Internals
  11. step 10
    1. macOS Internals (macOS is widely used in many organizations. Understanding macOS internals is crucial, particularly in regions where it's popular.)
    2. Topics: macOS architecture, filesystem, security mechanisms
    3. References: "Mac OS X Internals: A Systems Approach" by Amit Singh
    4. Tools: dtrace, fs_usage
    5. https://www.amazon.de/-/en/Jonathan-Levin/dp/1118057651
    6. MacOS and iOS Internals, Volume I
  12. step 11
    1. OSCP Pen200 (This course covers tools for discovering vulnerabilities and exploiting them. Previous knowledge from steps 0-10 provides a foundation for success in this exam.)
    2. Topics: Penetration testing methodology, privilege escalation, buffer overflows
    3. References: Offensive Security's PWK course material
    4. Tools: Kali Linux tools (e.g., Hydra, Nmap), exploit-db
    5. PEN-200: Penetration Testing with Kali Linux
  13. step 12
    1. Red Team Frameworks (Understanding MITRE ATT&CK tactics and techniques is crucial. Practice with Caldera, Atomic Red Team, and Cobalt Strike for emulating TTP.)
    2. Topics: MITRE ATT&CK framework, adversary emulation, Cyber Threat Intelligence, social engineering, physical Red Team
    3. MITRE ATT&CK website
    4. Tools: Atomic Red Team, Cobalt Strike
    5. Enterprise Matrix
    6. SEC565: Red Team Operations and Adversary Emulation
    7. The Red Team Field Manual
  14. step 13/14
    1. Optional steps (Courses CRTP/CRTE focus on AD exploitation. Reviewing these resources ensures proficiency in all techniques relevant to AD exploitation.)
    2. Topics: Active Directory exploitation, post-exploitation techniques
    3. References: Pentester Academy's CRTP/CRTE course material
    4. Tools: BloodHound, PowerSploit
    5. Active Directory Security
    6. Adversary Simulation and Red Team Operations.
    7. Defence Evasion Tactics
  15. step 15
    1. OSEP PEN300 (This course covers advanced evasion techniques and Windows kernel exploitation. Proficiency in Windows internals and C++ is necessary.)
    2. Topics: Advanced evasion techniques, Windows kernel exploitation
    3. References: Offensive Security's OSEP course material
    4. Tools: Custom shellcode, immunity debugger
    5. PEN-300: Advanced Evasion Techniques and Breaching Defenses
  16. step 16
    1. Exploit Development (Senior red teamers should be proficient in discovering and modifying exploits. Mastery of concepts covered in previous steps is essential.)
    2. Topics: Reverse engineering, heap exploitation
    3. Hacking: The Art of Exploitation
    4. Tools: IDA Pro, Immunity Debugger, windbg, Ghidra
    5. EXP-301: Windows User Mode Exploit Development
    6. EXP-312: Advanced macOS Control Bypasses
    7. EXP-401: Advanced Windows Exploitation
    8. SEC760: Advanced Exploit Development for Penetration Testers
    9. Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
  17. step 17
    1. Malware Development (Proficiency in developing and customizing C2 is essential for enterprise networks. Before proceeding, ensure SIEM FP levels are adequate.)
    2. Topics: Malware analysis, C2 frameworks
    3. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
    4. Malware Analyst's Cookbook: Tools and Techniques for Fighting Malicious Code
    5. Tools: Cobalt Strike, Metasploit, Veil
    6. RED TEAM Operator: Malware Development Essentials
    7. RED TEAM Operator: Malware Development Intermediate
    8. RED TEAM Operator: Malware Development Advanced - Vol.1
    9. C2 Development in C#
    10. Offensive Driver Development
  18. step 18
    1. Offensive Security Tools Developer (Red teamers should be capable of developing or customizing tools for engagements.)
    2. Topics: Network protocol analysis, tool customization
    3. Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology
    4. Black Hat Python: Python Programming for Hackers and Pentesters
    5. Tools: Scapy, custom Python scripts
    6. SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control
  19. Basic Concepts
  20. Linux Concepts
  21. Active Directory
  22. Network Infrastructure
  23. Programming skills
  24. Web Application Hacking
  25. Network Hacking
  26. OS Internals
  27. Basic Penetration skill
  28. Adversary Emulation & Simulation
  29. Active directory hacking
  30. Art of evasion
  31. Reverse engineering & Exploitation
  32. Malware development
  33. OST
  34. Soheil Hashemi (soheilsec)
    1. YouTube
    2. Twitter
    3. Telegram
    4. Website
  35. Junior Level in a nutshell
    1. OS internals
    2. Basic Penetration skill
    3. Adversary Emulation & Simulation
    4. Active directory hacking
  36. Senior Level in a nutshell
    1. Reverse engineering & Exploitation
    2. Malware development
    3. OST
  37. Intern Level in a nutshell
    1. Basic Concepts
    2. Linux Concepts
    3. Active Directory
    4. Network Infrastructure
    5. Programming skills
    6. Web Application Hacking
    7. Network Hacking