Junior Penetration Tester
- Home
- Training
- Junior Penetration Tester
Junior Penetration Tester
Junior Penetration Tester – 3 Month Detailed Training Plan
Schedule: 4 Days per Week | 2 Hours per Day
Total Duration: 12 Weeks
Week 1: Cybersecurity & Ethical Hacking Basics
- Day 1 (2 hrs): Introduction to Cybersecurity, CIA Triad, Threats vs Vulnerabilities
- Day 2 (2 hrs): Ethical Hacking, Legal Scope, Rules of Engagement
- Day 3 (2 hrs): Pentesting Types (Black/White/Grey Box), Kill Chain
- Day 4 (2 hrs): Lab Setup: Kali Linux, VirtualBox/VMware, Target VMs
Week 2: Networking Fundamentals
- Day 1 (2 hrs): OSI & TCP/IP Models, Network Types
- Day 2 (2 hrs): IP Addressing, Subnetting, Ports & Protocols
- Day 3 (2 hrs): DNS, HTTP/HTTPS, FTP, SMTP Concepts
- Day 4 (2 hrs): Wireshark Basics: Capturing and Analyzing Traffic
Week 3: Linux & Windows Essentials
- Day 1 (2 hrs): Linux File System, Basic Commands
- Day 2 (2 hrs): Linux Permissions, Users, Processes
- Day 3 (2 hrs): Windows Architecture, Users & Groups
- Day 4 (2 hrs): Windows Services, Registry, CMD & PowerShell Intro
Week 4: Footprinting & Reconnaissance
- Day 1 (2 hrs): Passive Reconnaissance & OSINT Concepts
- Day 2 (2 hrs): Google Dorking, WHOIS, DNS Lookup
- Day 3 (2 hrs): Shodan, Maltego, Recon-ng
- Day 4 (2 hrs): Target Profiling & Recon Reporting
Week 5: Scanning & Enumeration
- Day 1 (2 hrs): Network Scanning Concepts, Types
- Day 2 (2 hrs): Nmap: Host Discovery & Port Scanning
- Day 3 (2 hrs): Service & OS Detection with Nmap
- Day 4 (2 hrs): Enumeration: SMB, FTP, HTTP, SNMP
Week 6: Vulnerability Assessment
- Day 1 (2 hrs): Vulnerability Types & Risk Rating
- Day 2 (2 hrs): CVE, CVSS, NVD Understanding
- Day 3 (2 hrs): Nessus/OpenVAS Scanning
- Day 4 (2 hrs): Scan Analysis & False Positives
Week 7: Web Application Fundamentals
- Day 1 (2 hrs): Web Architecture & HTTP Methods
- Day 2 (2 hrs): Sessions, Cookies, Authentication
- Day 3 (2 hrs): OWASP Top 10 Overview
- Day 4 (2 hrs): Burp Suite Setup & Proxy Interception
Week 8: Web Attacks – SQLi & XSS
- Day 1 (2 hrs): SQL Injection Basics & Types
- Day 2 (2 hrs): Manual SQLi Testing & Payloads
- Day 3 (2 hrs): XSS Types: Stored, Reflected, DOM
- Day 4 (2 hrs): SQLi/XSS Testing with Burp Suite
Week 9: System Hacking
- Day 1 (2 hrs): Password Attacks & Hashing Concepts
- Day 2 (2 hrs): Metasploit Framework Basics
- Day 3 (2 hrs): Privilege Escalation (Linux & Windows)
- Day 4 (2 hrs): Post-Exploitation & Cleanup
Week 10: Network Attacks
- Day 1 (2 hrs): Sniffing & MITM Concepts
- Day 2 (2 hrs): ARP Poisoning Attacks
- Day 3 (2 hrs): Session Hijacking Basics
- Day 4 (2 hrs): Network Attack Mitigations
Week 11: Wireless & Mobile Basics
- Day 1 (2 hrs): Wireless Standards & Security
- Day 2 (2 hrs): WEP/WPA/WPA2/WPA3 Attacks (Theory)
- Day 3 (2 hrs): Mobile Platform Security Overview
- Day 4 (2 hrs): Mobile & Wireless Testing Tools Overview
Week 12: Reporting & Final Practice
- Day 1 (2 hrs): Pentest Reporting Structure
- Day 2 (2 hrs): Risk, Impact & Remediation Writing
- Day 3 (2 hrs): Tools Revision & Practice Lab
- Day 4 (2 hrs): Mock Pentest & Career Guidance