H4k2l1v3 Curriculum

Hey there. If Vorpidi shared this to you and you’re new. This is the curriculum of the H4k2l1v3 community. Something you’ll be very familiar with if you manage to join us (cult ahh sentence lmao). If you haven’t joined us already and plan to. make sure to complete from Day 1 to at the very least Day 12 and note it down in Notion or a similar note taking software such as obsidian and host it publicly (see setting up quartz with obsidian to make a publicly accessible vault on the internet to know how to host obsidian vaults like i did here) so you can submit it as proof when the selection process begins. the videos are just there to give you a basic overview of the various topics you’ll need to cover and in no way teaches you everything. make sure to do your own research on the topics

• watch the first 15 minutes of this video to get an understanding of how we operate and what you will be doing once you join us: https://youtu.be/u91CS3oOvnI?t=25
• make sure to join our discord server as well. its where we do everything: https://discord.gg/zyrDWRqgM2
  • tip: go to channels and roles and enable the “tryhackme roadmap” category. a ton of rooms are there for you to solve
• oh and the Bangla videos (upto day 21) are mostly a mirror of these videos so you can follow these instead if you prefer English:
  • part 1: https://www.youtube.com/watch?v=3FNYvj2U0HM
  • part 2: https://www.youtube.com/watch?v=sH4JCwjybGs

Stage 1 : Basics

---

Day 1 : Introduction to Ethical Hacking in Bangla | Beginner’s Guide

Outline : 

1. Introduction

2. Daily life of a penetration tester or an ethical hacker

3. Effective Note Keeping

4. Important Tools For Note Keeping

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/introtoresearch
• https://tryhackme.com/room/careersincyber

Day 2 : Ethical Hacking in Bangla | IP and MAC Address Explained

Outline :

5. Network Refresher Introduction

6. Ip address

7. Mac Address

Day 3 : OSI and TCP-IP Model | Ethical Hacking in Bangla Explained

Outline :

8. OSI and the TCP/IP Model

9. TCP, UDP & Three Way Handshake

10.  Common Ports And Protocols (make sure to get a thorough understanding of what each protocol does and how they work at a low level)

11. Subnetting (you’ll have to manually do subnetting calculations. prepare accordingly)

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/introtonetworking (task 1 - 4)

Day 4 : Kali Linux for Beginners | Ethical Hacking Tutorial in Bangla

Outline :

11. Installing Vmware or VirtualBox

12. Installing Kali Linux

13. Configuring virtualbox

14. Kali linux overview

15. Sudo overview

16. Navigating File System

some resources added by Vorpidi to the curriculum:

• https://labex.io/skilltrees/linux
• https://tryhackme.com/room/linuxfundamentalspart1
• https://tryhackme.com/room/linuxstrengthtraining

Day 5 : User, Privileges & File System in Kali Linux | Ethical Hacking for Beginners in Bangla

Outline :

17. Users And Privileges

18. File system of linux system

19. How to add different users

20. Default root login

Day 6 : Kali Linux for Beginners | Ethical Hacking Tutorial in Bangla (Final Part)

Outline :

21. Common Network Commands

22. Viewing, Creating And Editing Files

23. Started and stopping services

24. Installing And Updating Tools

Day 7 : 5 Stages of Hacking | Ethical Hacking Explained in Bangla | Beginner’s Guide

Outline :

25. 5 stages of ethical hacking

26. Passive and active recon

27. Identifying our target

28. Breached Credentials

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/hackermethodology
• https://tryhackme.com/room/passiverecon
• https://tryhackme.com/room/activerecon

Day 8 : Ethical Hacking in Bangla | SubDomain Enumeration explained for beginners

Outline :

29. Hunting subdomains

30. Identifying Web technologies

Day 9 : Ethical Hacking In Bangla | BurpSuite Basic For Beginners 

Outline :

31. Gathering Information From Burpsuite

32. Burpsuite different tabs overview

33. Idea about proxy tab

34. Idea about repeater tab 

35. Idea about target tab

36. Idea about intruder tab 

Day 10 : Ethical Hacking In Bangla | Osint | Google Dorking And Social Media Search Techniques  

Outline :

37. Google fu

38. Utilizing social media

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/ohsint

Day 11 : Ethical Hacking In Bangla | Installing Kioptrix | Hacking Lab For Beginners | Practical

Outline :

39. Kioptrix Installation

• Kioptrix Download Link: https://drive.google.com/drive/folders/1VXEuyySgzsSo-MYmyCareTnJ5rAeVKeH

Day 12 : Nmap Basics Bangla Tutorial | Learn the Fundamentals of Nmap | Ethical Hacking for Beginners

Outline : 

40. Scanning with nmap

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/furthernmap

Day 13 : Mastering HTTP Enumeration - Essential Guide for Ethical Hacking | Ethical Hacking In Bangla

Outline :

41. Enumerating http/https

Day 14 : SMB and SSH Enumeration

• video 1 :  (445/139) SMB Enumeration Techniques | Bangla Tutorial | SMBClient, RPCClient, Enum4Linux,NMBLookup
• Video 2 :  Day 14 : SMB & SSH Enumeration for Beginners | Ethical Hacking In Bangla

Outline :

42. Enumerating smb

43. Enumerating ssh

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/networkservices

Day 15 : Vulnerability Analysis in Bangla – Uncover Security Threats | Ethical Hacking In Bangla

Outline : 

44. Researching the potential vulnerabilities

45. Our notes revised

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/vulnerabilities101

Day 16 : Nessus

Outline :

46. Installing Nessus

47. Scanning With Nessus

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/rpnessusredux

Day 17 : Exploiting Kioptrix with Metasploit | Reverse Shell/Bind Shell | Ethical Hacking In Bangla

Outline :

48. Reverse Shell vs Bind Shell

49. Staged vs non-staged payloads

50. Gaining root With metasploit

Day 18 : Final Part | Exploiting Kioptrix Manually | How to Perform Brute-Force Attack | Bangla

Outline :

51. Manual exploitation

52. Brute force attacks

53. Credential stuffing and password sniffing 

54. Our notes revised

Stage 2 : Exploitation

---

Day 19 : TCM Security Capstone Academy Walkthrough in Bangla

Download Link : PEH Capstone

Outline :

55. Academy setup

56. Academy exploitation technique

• Academy Download Link: https://drive.google.com/drive/folders/1VXEuyySgzsSo-MYmyCareTnJ5rAeVKeH

Day 20 : TCM Security Capstone Dev Walkthrough in Bangla

DownLoadLink : PEH Capstone

Outline :

57. Dev Setup

58. Dev exploitation

• Dev Download Link: https://drive.google.com/drive/folders/1VXEuyySgzsSo-MYmyCareTnJ5rAeVKeH

Day 21 : TCM Security Capstone BlackPearl Walkthrough in Bangla | pJPT, eJPT, Ceh Practical Bangla Guide

DownLoadLink: PEH Capstone

Outline :

59. Blackpearl Setup

60. Blackpearl exploitation

• Blackpearl Download Link: https://drive.google.com/drive/folders/1VXEuyySgzsSo-MYmyCareTnJ5rAeVKeH

Stage 3 : Prep for CEH and eJPT

---

Day 22 : How to Create a TryHackMe Account & Get Started | Ethical Hacking for Beginners in Bangla

CreateAccount : https://tryhackme.com/signup 

Outline :

61. Introduction to tryhackme

62. Creating account

63. Tryhackme deep overview

Day 23 : Bolt CMS Exploitation Tutorial (Bangla) | TryHackMe ‘Bolt: A Hero is Unleashed’ Walkthrough

Room Link : TryHackMe | Bolt 

Outline : 

64. Bolt cms exploitation techniques

65. Researching vulnerabilities

Day 24 : TryHackMe Blog Room Walkthrough in Bangla | WordPress Cms Hacking | CEH Practical & eJPT guide

Room Link : TryHackMe | Blog

Outline :

66. Wordpress vulnerabilities

67. Vulnerable plugin enumeration

68. Wordpress hacking

Day 25 : ColddBox:Easy TryHackMe Walkthrough in Bangla | WordPress Cms Exploitation | CEH Practical & eJPT

Room Link : TryHackMe | ColddBox: Easy 

Outline :

69. Wordpress cms exploitation

70. Reverse shell

Day 26 : Fuel Cms | Ignite TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Exam Preparation

Room Link : TryHackMe | Ignite 

Outline :

72. Ignite Cms exploitation 

Day 27 : SQL INJECTION (make sure to learn how to manually do all the SQLi types from burp)

Room Link : TryHackMe | SQHell 

Outline :

73. Sql injection introduction

74. Sql injection overview

75. Sql injection

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/sqlinjectionlm
• https://tryhackme.com/room/sqlmap

Day 28 : Room Link : Basic Pentesting 

VideoLink :  Basic Pentesting TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Preparation Outline :

76. Penetration testing basic

77. Think out of the box

Day 29 : Room Link : TryHackMe | Kenobi 

Video Link : Kenobi TryHackMe Walkthrough in Bangla | Prepare for eJPT & CEH Practical

Day 30 : 

Room Link : Easy Peasy

Outline :

78. Hash Cracking 

Day 31 : Agent Sudo TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Preparation

Room Link : TryHackMe | Agent Sudo 

Day 32 : RootMe TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Exam Preparation

Room Link : TryHackMe | RootMe 

Day 33 : Brooklyn Nine-Nine TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Exam Preparation

Room Link : TryHackMe | Brooklyn Nine Nine  (BruteForce)

Day 34 : SkyNet TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Exam Preparation  

Room Link : TryHackMe | Cyber Security Training 

Day 35 : StartUp TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Prep

Room Link : TryHackMe | Startup 

Day 36 : Gaming Server TryHackMe Walkthrough in Bangla | eJPT & CEH Practical Exam Preparation

Room Link : TryHackMe | GamingServer 

Day 37 : Blue TryHackMe Walkthrough in Bangla | hacking windows 7 | EternalBlue | ms17-010

Room Link : TryHackMe | Blue 

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/windowsfundamentals1xbx
• https://tryhackme.com/room/windowsfundamentals2x0x
• https://tryhackme.com/room/windowsfundamentals3xzx

Day 38 : Hacking Windows 7 | ICE TryHackMe Walkthrough in Bangla | eJPT and CEH Practical Guide

Room Link : TryHackMe | Ice 

Day 39 : Blaster TryHackMe Walkthrough in Bangla | hacking windows | UAC Bypass | eJPT & CEH Practical Guide

Room Link : TryHackMe | Blaster 

some resources added by Vorpidi to the curriculum:

• https://tryhackme.com/room/bypassinguac

Day 40 : 

Room Link : https://tryhackme.com/r/room/steelmountain   

Day 41 : Relevant TryHackMe in Bangla | eJPT & CEH Practical Exam Preparation | windows Server 2016 Hacking

Room Link : TryHackMe | Relevant 

Day 42 : 

Room Link : ICA: 1 ~ VulnHub 

Day 43 : 

Room Link : DC: 1 ~ VulnHub 

Day 44 : 

Room Link : Hack Me Please: 1 ~ VulnHub 

Day 45 : 

Room Link : symfonos: 1 ~ VulnHub 

Day 46 : 

Room Link : TryHackMe | Linux PrivEsc (1-5)

Day 47 :

Room Link :  TryHackMe | Linux PrivEsc (6-10)

Day 48 : 

Room Link : TryHackMe | Linux PrivEsc (11-15)

Day 49 : 

Room Link : TryHackMe | Linux PrivEsc (16-21)

Day 50 : 

Room Link : TryHackMe | Linux Privilege Escalation (1-3)

Day 51 : 

Room Link : TryHackMe | Linux Privilege Escalation (4-6)

Day 52 : 

Room Link : TryHackMe | Linux Privilege Escalation (7-9)

Day 53 : 

Room Link : TryHackMe | Linux Privilege Escalation (10-12)

Day 54 : 

Room Link : Wreath (1-5)

Day 55 : 

Room Link : Wreath (6-10)

Day 56 : 

Room Link : Wreath (11-15)

Day 57 : 

Room Link : Wreath (16-20)

Day 58 : 

Room Link : Wreath (21-25)

Day 59 : 

Room Link : Wreath (26-30)

Day 60 : 

Room Link : Wreath (31-35)

Day 61 : 

Room Link : Wreath (36-40)

Day 62 : 

Room Link : Wreath (41-46)

Day 63 : 

Room Link : TryHackMe | VulnNet: Internal

Stage 4 : Active Directory

---

this part’s extra. isn’t really required for eJPT or CEH. but it is helpful for the OSCP, PNPT, CRTO, CPTS exams

Day 64 : 

Outline : 

1.  Active Directory Overview

2. Physical Active Directory Component

3. Logical active Directory Component

Day 65 : 

Outline : 

4. Ad Lab Overview

5. Downloading Necessary ISO’s

6. Setting Up Domain Controller

Day 66 : 

Outline : 

7. Setting up user machines

8. Setting up users, groups and policies

9. Joining Our Machines to the domain

Day 67 : 

Outline : 

10.  Initial Ad Attack Overview

11. LLMNR poisoning Overview

12. Capturing NTTLMv2 Hash from responder

13. Password Cracking 

Day 68 : 

14. Smb Relay Attack

15. Quick Lab Update

16. Discovering host with smb signing disable

17. Smb relay attack

18. Gaining Shell Access

Day 69 : 

19. IPv6 Attacks Overview

20. Installing mitm6

21. Setting up ldaps

22. IPv6 Dns Attacks

Day 70 : 

23. Passback Attacks

24. Other Attack Vector And strategies

Day 71 : 

25. Post Compromise enumeration

26. Powerview overview

27. Domain Enumeration With Powerview

Day 72 : 

28. Bloodhound Overview

29. Grabbing Data with Invoke Bloodhound

30. Using Bloodhound to review domain datta

Day 73 : 

31. Pass the Hash And password overview

32. Installing crackmapexec

33. Pass the password attacks

34. Dumping hashes with secretdump

35. Cracking NTLM hashes with hashcat

36. Pass the hash attacks

Day 74 : 

37. Token Impersonation Overview

38. TToken Impersonation With Incognito

Day 75 : 

39. Kerberoasting Overview

40. Kerberoasting Overview

Day 76 : 

41. GPP Password Attacks Overview

42. Abusing GPP

43. Url File Attacks

Day 77 : 

44. Mimikatz Overview

45. Credential Dumping With Mimikatz

46. Golden Tickets Attacks