Build job-ready ethical hacking + blue-team skills—hands-on, ethics-first.

Orientation & Foundations Attack chain, CIS Controls; networking basics; Linux/Windows/AD; Bash/PowerShell/Python; Git notes.

Lab Setup VirtualBox/VMware topology; Kali on desktop/Windows; safe practice targets.

Networking & Visibility Nmap; Wireshark (ARP→TCP→HTTP/TLS); WAF basics.

OSINT Google dorks, Recon-ng 2021, Maltego.

Web & API OWASP Top 10; OAuth2/OIDC/JWT/passkeys; ZAP; Juice Shop/WebGoat; SQLMap.

Systems & AD Windows internals; cmd/PowerShell; AD 101; privilege escalation; credential hygiene (theory).

Exploitation & C2 Metasploit & post-ex; Empire (lab-safe); payload OPSEC (theory); PsExec/SMB; HTA/macro; tunneling (SSH/chisel/NGROK).

Wireless WPA2/3 workflow, Bettercap, ARP spoofing.

Mobile (Android) ADB/remote control; reversing & storage; SQLi/intents; GPS/SMS (lab only).

Social & Client-Side SET, BeEF, phishing, browser geo, Firefox creds (local).

Blue-Team & IR Snort, Wazuh, Sysmon, Sigma/ATT&CK; IR basics; vuln management (CVSS v4).

Capstones & Portfolio Exploit→log→fix; System/AD priv-esc + detections; Snort + Sigma rules; package evidence.

Education only—use your own lab or written permission.