PNPT Exam Preparation - TCM Security
https://academy.tcm-sec.com/p/osint-
fundamentals
https://osintframework.com/
https://github.com/jivoi/awesome-osint
https://github.com/tracelabs/awesome-osint
https://github.com/lockfale/OSINT-
Framework
https://github.com/topics/information-
gathering
https://www.kyylee.com/oscp-notes/active-
information-gathering
https://github.com/s0wr0b1ndef/Offsec-
Exam-Cheatsheet/blob/master/Info%
20Gathering.md
https://highon.coffee/blog/penetration-
testing-tools-cheat-sheet/
https://www.securitymadesimple.org/
cybersecurity-blog/active-vs-passive-cyber-
reconnaissance-in-information-security
https://www.youtube.com/watch?v=
eIdVtCQSa3s
https://www.youtube.com/watch?v=
jg33HUfgTaI
https://www.dummies.com/test-prep/
passive-information-gathering-for-
pentesting/
https://www.dummies.com/test-prep/active-
information-gathering-for-pentesting/
https://academy.osintcombine.com/p/
tracelabstraining
https://literacybasics.ca/strategic-planning/
strategic-planning-assesssment/overview-
and-information-gathering-tools/
https://linuxhint.com/best-information-
gathering-tools-in-kali-linux/
https://www.udemy.com/course/
information-hacking/
https://www.udemy.com/course/the-art-of-
reconnaissance-information-gathering-
techniques/
https://www.udemy.com/course/
information-gathering-phase-1-of-cyber-
security/
https://github.com/BullsEye0/dorks-eye
https://www.exploit-db.com/google-
hacking-database
https://securitytrails.com/blog/google-
hacking-techniques
https://github.com/leonjza/awesome-nmap-
grep
https://github.com/paralax/awesome-
internet-scanning
https://nmap.org/
https://www.youtube.com/watch?v=
OKN5pUgQKIM
https://www.youtube.com/watch?v=
EOoBAq6z4Zk
https://www.youtube.com/watch?v=
NEz4SfjjwvU
https://cobalt.io/blog/how-to-write-an-
effective-pentest-report-vulnerability-
reports
https://www.tutorialspoint.com/penetration_
testing/penetration_testing_report_writing.htm
https://www.sans.org/white-papers/33343/
https://www.hebergementwebs.com/
penetration-test-tutorial/penetration-testing-
report-writing
https://searchsecurity.techtarget.com/tip/3-
tips-for-writing-a-quality-penetration-
testing-report
https://www.linkedin.com/in/joas-antonio-
dos-santos
https://twitter.com/C0d3Cr4zy
https://github.com/PacktPublishing/
Mastering-Modern-Web-Penetration-Testing
https://github.com/infoslack/awesome-web-
hacking
https://github.com/qazbnm456/awesome-
web-security
https://github.com/wtsxDev/List-of-web-
application-security/blob/master/README.
md
https://github.com/kaiiyer/web-app-
pentesting
https://portswigger.net/web-security
https://github.com/CyberSecurityUP/
eWPTX-Preparation
https://github.com/hahwul/
WebHackersWeapons
https://github.com/thehackingsage/
hacktronian
https://www.mindmeister.com/pt/
1746180947/web-vulnerability-by-joas-
antonio
https://github.com/enaqx/awesome-pentest
https://github.com/Muhammd/Awesome-
Pentest
https://githubmemory.com/repo/vip2ip/
awesome-pentester
https://github.com/S3cur3Th1sSh1t/Pentest-
Tools
https://github.com/We5ter/Scanners-Box
https://github.com/skavngr/rapidscan
https://www.openvas.org/
https://www.zaproxy.org/
https://github.com/swisskyrepo/
PayloadsAllTheThings/blob/master/
Methodology%20and%20Resources/
Network%20Pivoting%20Techniques.md
https://github.com/RedTeamOperations/
PivotSuite
https://github.com/0x36/VPNPivot
https://github.com/zxlim/pivot-tunnel
https://github.com/sshuttle/sshuttle
https://github.com/rsmudge/Layer2-
Pivoting-Client
https://github.com/pha5matis/Pentesting-
Guide/blob/master/port_forwarding_and_
tunneling.md
https://github.com/quantumcore/maalik
https://github.com/mis-team/rsockspipe
https://github.com/740i/pentest-notes/blob/
master/pivoting.md
https://github.com/jpillora/chisel
Practical exam, no multiple choice
Use any tool you want, seriously
5 days for testing, 2 days report writing
$299 standalone exam
$399 exam with training
Veteran and student discounts available
https://certifications.tcm-sec.com/
https://github.com/gh0x0st/Buffer_Overflow
https://github.com/johnjhacking/Buffer-
Overflow-Guide
https://github.com/Tib3rius/Pentest-
Cheatsheets/blob/master/exploits/buffer-
overflows.rst
https://github.com/justinsteven/
dostackbufferoverflowgood
https://github.com/V1n1v131r4/OSCP-Buffer-
Overflow
https://github.com/joshua17sc/Buffer-
Overflows
https://github.com/CyberSecurityUP/
AWESOME-EXPLOIT-DEVELOPMENT
https://hausec.com/2019/03/05/penetration-
testing-active-directory-part-i/
https://www.pentesteracademy.com/
activedirectorylab
https://www.udemy.com/course/active-
directory-red-team-hacking/
https://www.youtube.com/watch?v=
BjKcBwkSupY
https://book.hacktricks.xyz/windows/active-
directory-methodology
https://github.com/S1ckB0y1337/Active-
Directory-Exploitation-Cheat-Sheet
https://github.com/balaasif6789/AD-
Pentesting
https://drive.google.com/file/d/1pb_8i_kc68P_
RksLPUFEi9TJwAH_wqvI/view?usp=sharing
https://drive.google.com/file/d/1Hjq_
Hc8dQEF_ZhNFtGMrl2GELoryboyW/view?
usp=sharing
https://drive.google.com/file/d/1znezUNtghkcFhwfKMZmeyNrtdbwBXRsz/view?usp=sharing
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
https://0xsp.com/offensive/privilege-escalation-cheatsheet
https://pentest.tonyng.net/windows-privilege-escalation-a-cheatsheet/
https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html
https://www.fuzzysecurity.com/tutorials/16.html
https://www.hackingdream.net/2020/03/windows-privilege-escalation-cheatsheet-for-oscp.html
https://book.hacktricks.xyz/windows/
windows-local-privilege-escalation
https://joshruppe.com/basic-windows-
enumeration/
https://www.noobsec.net/privesc-windows/
https://www.bytefellow.com/windows-
privilege-escalation-cheatsheet-for-oscp/
https://github.com/frizb/Windows-Privilege-
Escalation
https://github.com/netbiosX/Checklists/
blob/master/Windows-Privilege-Escalation.
md
https://github.com/carlospolop/winPE
https://lolbas-project.github.io/
https://github.com/ankh2054/linux-pentest
https://github.com/MrPineMan/Awesome-
Reverse-Shell
https://github.com/lukechilds/reverse-shell
https://github.com/WangYihang/Reverse-
Shell-Manager
https://github.com/nodauf/Girsh
https://github.com/mzfr/rsh
https://github.com/carlospolop/privilege-
escalation-awesome-scripts-suite
https://blog.g0tmi1k.com/2011/08/basic-
linux-privilege-escalation/
https://johnjhacking.com/blog/linux-
privilege-escalation-quick-and-dirty/
https://0xsp.com/offensive/privilege-
escalation-cheatsheet
https://sushant747.gitbooks.io/total-oscp-
guide/content/privilege_escalation_-_linux.
html
https://www.hackingarticles.in/privilege-
escalation-cheatsheet-vulnhub/
https://blog.thehackingnomad.com/cheat-
sheet-series/privesc-linux
https://gtfobins.github.io/
https://riccardoancarani.github.io/2019-10-
04-lateral-movement-megaprimer/
https://posts.specterops.io/offensive-lateral-
movement-1744ae62b14f
https://www.ired.team/offensive-security/
lateral-movement
https://pentestlab.blog/2020/07/21/lateral-
movement-services/
https://www.varonis.com/blog/penetration-
testing-explained-part-iv-making-the-
lateral-move/
https://logrhythm.com/blog/what-is-lateral-
movement-and-how-to-detect-it/
https://github.com/MicrosoftDocs/ATADocs/
blob/master/ATPDocs/playbook-lateral-
movement.md
https://github.com/rmusser01/Infosec_
Reference/blob/master/Draft/ATT%26CK-
Stuff/ATT%26CK/Lateral%20Movement.md
https://redcanary.com/blog/lateral-
movement-with-secure-shell/
https://mrw0r57.github.io/2020-05-31-linux-
post-exploitation-10-4/
https://ivanitlearning.wordpress.com/2019/
02/10/linux-exploitation-lateral-movement/
https://azeria-labs.com/lateral-movement/
https://academy.tcm-sec.com/p/osint-
fundamentals
https://academy.tcm-sec.com/p/practical-
ethical-hacking-the-complete-course
https://academy.tcm-sec.com/p/linux-
privilege-escalation
https://academy.tcm-sec.com/p/windows-
privilege-escalation-for-beginners
https://tryhackme.com/
https://www.hackthebox.eu/
vulnhub.com
vulnmachines.com
https://www.mindmeister.com/pt/
1781013629/the-best-labs-and-ctf-red-team-
and-pentest
https://mattschmidt.net/2021/05/04/tcm-
cpeh-exam-certification-review/
https://www.youtube.com/watch?v=2jhyPg-
yzzs