Web application penetration testing
INFORMATION GATHERING (Passive + Active)
CROSS-SITE ING ATTACKS - XSS
	Refkected - Persistant - DOM-based
SQL INJECTION ATTACKS -
CROSS SITE REQUEST FORGERY - XSRF
AUTHENTICATION & AUTHORIZATION ATTACKS
XML EXTERNAL ENTITY ATTACKS - XXE

Network Security
Firewalls
	Linux (iptables ,UFW...)
	Windows (WFC)
		https://www.binisoft.org/wfc.php
	Routers (Openwrt firewall , DD-WRT firewall)
		https://wiki.openwrt.org/doc/uci/firewall
		https://www.dd-wrt.com/wiki/index.php/Firewall
Wireless and Wi-Fi Security
Wi-Fi Weaknesses (WEP, WAP, WAP2 )
Handshake & Dictionary Attacks
Ports & Services
Malware Analysis


Buffer!Overflows
Linux
Win32
SEH , Egg 
Password!Attacks
Brute Force & Wordlists
Malware Analysis
Honeypots
Advanced Persistent Threat (APTs)
Bug Bounty Programs
https://www.vulnerability-lab.com/list-of-bug-bounty-programs.php
https://www.synack.com/red-team/
https://bugcrowd.com/programs
Mobile Hacking



Tools :
Metasploit
Netcat
Wireshark
Burpsuite
Nmap
Maltego
Aircrack-ng
Armitage
Social Engineering Toolkit
Immunity Debugger
Shodan