Pentest-Vault is a structured collection of pentesting labs, CTF writeups, and personal notes created to help junior cybersecurity learners grow and develop real-world hacking skills.
This is not just a random collection of content — it's a step-by-step roadmap designed to guide your learning journey from beginner to intermediate levels.
When I started learning pentesting, it was difficult to find a clear path. This repository was created to organize everything I’ve learned and to help others who are just starting out.
It’s meant to be practical, focused, and easy to follow — not overwhelming.
Each folder in this repository represents a different stage or type of learning. You can follow them in order, or explore based on your current skill level.
Hands-on practice for the OWASP Top 10.
Start here with SQL Injection and basic web vulnerabilities.
Introductory Linux challenges.
A great starting point if you're new to using the terminal.
3. PicoCTF
Beginner-friendly Capture the Flag platform.
Focuses on core topics like web, crypto, and forensics.
Real-world labs based on web application security.
Work through vulnerabilities like IDOR, XSS, SSRF, and more.
TryHackMe beginner-level rooms and walkthroughs.
Covers enumeration, privilege escalation, and service exploitation.
More advanced rooms and writeups.
Apply what you’ve learned in increasingly complex environments.
General technical notes and concepts.
Use this as a reference section while working on challenges.
8. my-materials
Personal cheat sheets, summaries, and quick guides.
Includes tools, commands, and techniques I found useful.
You can clone the Pentest-Vault repository to your local machine with the following command:
git clone https://github.com/Ruhanyat-994/Pentest-Vault.gitgit clone [email protected]:Ruhanyat-994/Pentest-Vault.git📁 Then navigate into the folder:
cd Pentest-VaultExplore the folders step-by-step to follow the learning path.
Feel free to share it and contribute on the parts that needs to be changed and add helpful resources for the beginner.