💎 ROADMAP: İleri Seviye (18+ Ay)
"Uzmanlaşma, disiplin ve sürekli öğrenmenin ürünüdür."
📋 İçindekiler
🎯 Giriş
Bu roadmap, ileri seviye uzmanlaşma ve profesyonelleşme hedefinde olanlar içindir.
📊 Ön Koşullar (Orta Seviye Tamamlanmış)
TEXT
✅ Çoğu makineyi bağımsız çözebiliyorum
✅ AD exploitation biliyorum
✅ Advanced web zafiyetleri bulabiliyorum
✅ Script/tool yazabiliyorum
✅ 50+ makine çözümü var
✅ Bir alana odaklanmaya hazırım🎓 Bu Seviyede Kazanacaklarınız
TEXT
✅ Derinlemesine uzmanlaşma (Red Team, Cloud, RE, vb.)
✅ İleri seviye sertifikalar (OSEP, CRTO, GREM, vb.)
✅ 0-day research & exploit development
✅ Tool/Framework geliştirme
✅ Topluluk liderliği & eğitmenlik
✅ Profesyonel kariyer geçişi🗺️ Karar Ağacı
TEXT
Uzmanlaşmak ve profesyonelleşmek istiyorum
│
├─► Hangi alanda uzmanlaşacağım?
│ │
│ ├─► Red Team Operations
│ │ │
│ │ Yes ──► RED TEAM MASTERY
│ │ │ │
│ │ │ ├─► 📖 guides/13_red_blue_team/red_team_ops.md
│ │ │ ├─► 📄 cheatsheets/phase_21_redteam_ops_opsec_tradecraft/
│ │ │ └─► Focus Areas:
│ │ │ • C2 Frameworks (Covenant, Sliver, Havoc)
│ │ │ • OPSEC & Tradecraft
│ │ │ • Custom tool development
│ │ │ • Payload obfuscation & AV evasion
│ │ │ • Persistence techniques
│ │ │ • Lateral movement mastery
│ │ │ └─► Pratik:
│ │ │ • HTB Pro Labs (Dante, Offshore, RastaLabs)
│ │ │ • Corporate pentest simulations
│ │ │ • Red Team vs Blue Team exercises
│ │ │ └─► Hedef Sertifikalar:
│ │ │ • OSEP (Offensive Security Experienced Pentester)
│ │ │ • CRTO (Certified Red Team Operator)
│ │ │ • CARTP (Certified Azure Red Team Professional)
│ │ │ └─► Kariyer:
│ │ │ • Red Team Operator
│ │ │ • Red Team Lead
│ │ │ • Penetration Test Manager
│ │ │
│ ├─► Cloud Security
│ │ │
│ │ Yes ──► CLOUD SECURITY EXPERT
│ │ │ │
│ │ │ ├─► 📖 guides/21_cloud_security/ (TÜM)
│ │ │ ├─► 📄 cheatsheets/phase_16_cloud_security/ (TÜM)
│ │ │ ├─► 📖 guides/20_container_orchestration/ (TÜM)
│ │ │ └─► Focus Areas:
│ │ │ AWS:
│ │ │ • 📖 aws_pentest_guide.md
│ │ │ • IAM privilege escalation
│ │ │ • S3 bucket exploitation
│ │ │ • Lambda/Serverless attacks
│ │ │ • EC2/ECS/EKS security
│ │ │
│ │ │ Azure:
│ │ │ • 📖 azure_pentest_guide.md
│ │ │ • Azure AD attacks
│ │ │ • Storage account exploitation
│ │ │ • Azure DevOps security
│ │ │
│ │ │ GCP:
│ │ │ • 📖 gcp_pentest_guide_p1.md
│ │ │ • 📖 gcp_pentest_guide_p2.md
│ │ │ • GCP IAM attacks
│ │ │ • GKE security
│ │ │
│ │ │ Kubernetes:
│ │ │ • 📖 kubernetes_pentest.md
│ │ │ • RBAC exploitation
│ │ │ • Pod escape
│ │ │ • Admission controller bypass
│ │ │ └─► Pratik:
│ │ │ • flAWS.cloud (advanced)
│ │ │ • CloudGoat all scenarios
│ │ │ • HTB Cloud-focused machines
│ │ │ • Real cloud environments (AWS/Azure free tier)
│ │ │ └─► Hedef Sertifikalar:
│ │ │ • AWS Certified Security - Specialty
│ │ │ • Azure Security Engineer Associate
│ │ │ • GCP Professional Cloud Security Engineer
│ │ │ • CKS (Certified Kubernetes Security Specialist)
│ │ │ └─► Kariyer:
│ │ │ • Cloud Security Engineer
│ │ │ • Cloud Penetration Tester
│ │ │ • DevSecOps Engineer
│ │ │
│ ├─► Reverse Engineering & Malware Analysis
│ │ │
│ │ Yes ──► RE & MALWARE EXPERT
│ │ │ │
│ │ │ ├─► 📖 guides/17_malware_analysis/malware_analysis.md
│ │ │ ├─► 📖 guides/10_forensics/reverse_engineering.md
│ │ │ ├─► 📄 cheatsheets/phase_15_reverse_engineering/ (TÜM)
│ │ │ └─► Focus Areas:
│ │ │ Binary Analysis:
│ │ │ • x86/x64 assembly
│ │ │ • IDA Pro / Ghidra mastery
│ │ │ • Dynamic analysis (debuggers)
│ │ │ • Anti-debugging techniques
│ │ │
│ │ │ Malware Analysis:
│ │ │ • Static/Dynamic analysis
│ │ │ • Unpacking techniques
│ │ │ • Behavioral analysis
│ │ │ • YARA rules
│ │ │ • Sandbox evasion
│ │ │
│ │ │ Mobile RE:
│ │ │ • 📖 guides/22_mobile_security/
│ │ │ • Android (APK, DEX, Native)
│ │ │ • iOS (IPA, Mach-O)
│ │ │ • Frida/objection mastery
│ │ │ └─► Pratik:
│ │ │ • Crackmes.one challenges
│ │ │ • Malware samples (theZoo, malware-samples)
│ │ │ • CTF RE challenges (expert)
│ │ │ • Real malware analysis (controlled env)
│ │ │ └─► Hedef Sertifikalar:
│ │ │ • GREM (GIAC Reverse Engineering Malware)
│ │ │ • GXPN (GIAC Exploit Researcher)
│ │ │ └─► Kariyer:
│ │ │ • Malware Analyst
│ │ │ • Reverse Engineer
│ │ │ • Threat Intelligence Analyst
│ │ │
│ ├─► Web Application Security (Expert)
│ │ │
│ │ Yes ──► WEB SECURITY EXPERT
│ │ │ │
│ │ │ ├─► 📖 guides/03_web_exploitation/web_security_advanced.md
│ │ │ ├─► 📖 guides/19_api_security/ (TÜM)
│ │ │ ├─► 📄 cheatsheets/phase_2_web_application/ (TÜM)
│ │ │ ├─► 📄 cheatsheets/phase_11_modern_attacks/ (TÜM)
│ │ │ └─► Focus Areas:
│ │ │ Modern Frameworks:
│ │ │ • React/Vue/Angular attacks
│ │ │ • GraphQL security
│ │ │ • WebSocket exploitation
│ │ │ • JWT/OAuth advanced attacks
│ │ │
│ │ │ Advanced Techniques:
│ │ │ • HTTP/2 smuggling
│ │ │ • Cache poisoning
│ │ │ • Prototype pollution
│ │ │ • SSTI advanced
│ │ │ • Race conditions
│ │ │
│ │ │ Code Review:
│ │ │ • White-box testing
│ │ │ • Source code analysis
│ │ │ • Secure coding practices
│ │ │ └─► Pratik:
│ │ │ • PortSwigger all expert labs
│ │ │ • PentesterLab Pro complete
│ │ │ • Active bug bounty hunting
│ │ │ • HackerOne/Bugcrowd top programs
│ │ │ └─► Hedef Sertifikalar:
│ │ │ • OSWE (Offensive Security Web Expert)
│ │ │ • eWPT (eLearnSecurity Web Pentester)
│ │ │ • BSCP (Burp Suite Certified Practitioner)
│ │ │ └─► Kariyer:
│ │ │ • Senior Web App Pentester
│ │ │ • Bug Bounty Hunter (full-time)
│ │ │ • Application Security Engineer
│ │ │
│ └─► IoT / Hardware / Firmware
│ │
│ Yes ──► IoT/HARDWARE SECURITY
│ │ │
│ │ ├─► 📖 guides/12_iot_hardware/iot_hardware_security.md
│ │ ├─► 📄 cheatsheets/phase_19_iot_hardware_firmware_security/ (TÜM)
│ │ ├─► 📄 cheatsheets/phase_23_wireless_radio_sdr_security/ (TÜM)
│ │ └─► Focus Areas:
│ │ • Firmware extraction & analysis
│ │ • UART/JTAG exploitation
│ │ • Wireless protocols (Zigbee, BLE, RFID)
│ │ • SDR (Software Defined Radio)
│ │ • Hardware hacking (soldering, logic analyzers)
│ │ └─► Hedef Sertifikalar:
│ │ • GREM (hardware focus)
│ │ • Offensive IoT Exploitation (vendor specific)
│ │ └─► Kariyer:
│ │ • IoT Security Researcher
│ │ • Hardware Pentester
│ │ • Firmware Security Analyst
│ │
│ │
├─► Sertifika almak istiyorum mu?
│ │
│ Yes ──► Hangi sertifika?
│ │ │
│ │ ├─► OSEP (Red Team Advanced)
│ │ │ └─► Evasion techniques focus
│ │ │ └─► 📄 cheatsheets/phase_8/av_evasion_cheatsheet.md
│ │ │ └─► 📄 cheatsheets/phase_8/amsi_bypass_cheatsheet.md
│ │ │ └─► 6-9 ay hazırlık
│ │ │
│ │ ├─► CRTO/CRTE (AD Advanced)
│ │ │ └─► Full AD mastery
│ │ │ └─► 📖 guides/07_active_directory/ (TÜM)
│ │ │ └─► 4-6 ay hazırlık
│ │ │
│ │ ├─► OSWE (Web Advanced)
│ │ │ └─► Code review & white-box testing
│ │ │ └─► 6-9 ay hazırlık
│ │ │
│ │ └─► GREM (Malware & RE)
│ │ └─► Malware analysis deep dive
│ │ └─► 6-12 ay hazırlık
│ │
│ No
│ │
├─► Kendi alanımı oluşturmak istiyorum mu?
│ │
│ Yes ──► Research & Development
│ │ │
│ │ ├─► 0-day Research
│ │ │ └─► Fuzzing öğren
│ │ │ └─► Vulnerability research
│ │ │ └─► CVE başvurusu
│ │ │ └─► Responsible disclosure
│ │ │
│ │ ├─► Tool Development
│ │ │ └─► 📖 guides/16_scripting_automation/tool_dev_guide.md
│ │ │ └─► GitHub open-source projects
│ │ │ └─► Framework geliştirme
│ │ │
│ │ └─► Content Creation
│ │ └─► Blog/Medium yazıları
│ │ └─► YouTube kanalı
│ │ └─► Conference konuşmaları (BSides, DEF CON)
│ │ └─► Training/Course oluşturma
│ │
│ No
│ │
└─► Profesyonel kariyer geçişi
│
├─► Hangi role?
│ ├─► Red Team Operator/Lead
│ ├─► Security Consultant
│ ├─► Application Security Engineer
│ ├─► Cloud Security Engineer
│ ├─> Malware Analyst
│ └─► Security Researcher
│
└─► Hazırlık:
• CV/LinkedIn optimize et
• Portfolio oluştur (GitHub, blog)
• Network kur (conferences, meetups)
• Interview pratikleri yap🚀 Uzmanlaşma Yolları (Detaylı)
1️⃣ Red Team Operations - Full Path
Yıl 1: Fundamentals
TEXT
Q1: C2 Frameworks
• Covenant setup & usage
• Sliver C2 mastery
• Havoc framework
• Custom C2 development basics
Q2: OPSEC & Tradecraft
📄 cheatsheets/phase_21/opsec_rules_md.md
• Operational security principles
• Anti-forensics
• Log cleaning
• Backdoor persistence
Q3: Payload Development
📄 cheatsheets/phase_21/payload_obfuscation.md
• Shellcode development
• Payload obfuscation
• Encoder/Crypter development
Q4: Evasion Techniques
📄 cheatsheets/phase_8/av_evasion_cheatsheet.md
📄 cheatsheets/phase_8/amsi_bypass_cheatsheet.md
• AV/EDR bypass
• AMSI bypass
• Sandbox evasionYıl 2: Advanced & Practice
TEXT
Q1-Q2: OSEP Hazırlık
• PEN-300 course
• AD exploitation advanced
• Lateral movement techniques
Q3: Corporate Pentest Simulations
• HTB Pro Labs (Dante, Offshore)
• Real-world scenarios
Q4: OSEP Exam + CertificationKariyer Hedefi:
TEXT
Junior Red Team Operator → Red Team Operator → Senior Red Team Operator → Red Team Lead
Yıllık maaş beklentisi: $80K-$150K+ (US market, deneyime göre)2️⃣ Cloud Security - Full Path
Yıl 1: Cloud Foundations
TEXT
Q1: AWS Security
📖 guides/21_cloud_security/aws_pentest_guide.md
• IAM deep dive
• S3 bucket security
• EC2/Lambda security
• Pratik: flAWS.cloud, CloudGoat
Q2: Azure Security
📖 guides/21_cloud_security/azure_pentest_guide.md
• Azure AD exploitation
• Storage/Compute security
• Pratik: Azure Goat
Q3: GCP & Kubernetes
📖 guides/21_cloud_security/gcp_pentest_guide_p1.md
📖 guides/20_container_orchestration/kubernetes_pentest.md
• GCP IAM attacks
• GKE security
Q4: Certifications
• AWS Security Specialty
• CKS (Kubernetes Security)Yıl 2: Specialization
TEXT
Q1-Q2: Cloud Pentesting Advanced
• Real cloud environments
• DevSecOps integration
• CI/CD pipeline security
Q3-Q4: Consulting/Research
• Cloud security assessments
• Tool development for cloudKariyer Hedefi:
TEXT
Cloud Security Engineer → Senior Cloud Security Engineer → Cloud Security Architect
Yıllık maaş beklentisi: $90K-$160K+ (US market)3️⃣ Reverse Engineering & Malware Analysis - Full Path
Yıl 1: RE Foundations
TEXT
Q1: Assembly & Low-Level
• x86/x64 assembly mastery
• CPU architecture
• Memory management
• Calling conventions
Q2: Binary Analysis Tools
📖 guides/10_forensics/reverse_engineering.md
• IDA Pro mastery
• Ghidra proficiency
• Debuggers (x64dbg, WinDbg, GDB)
Q3: Malware Analysis Basics
📖 guides/17_malware_analysis/malware_analysis.md
• Static analysis
• Dynamic analysis
• Unpacking techniques
• Behavioral analysis
Q4: Advanced Techniques
• Anti-debugging bypass
• Anti-VM bypass
• Code obfuscation analysisYıl 2: Specialization
TEXT
Q1-Q2: Real Malware Analysis
• Malware samples analysis
• YARA rules development
• Threat intelligence
Q3: Mobile RE (optional)
📖 guides/22_mobile_security/
• Android reverse engineering
• iOS reverse engineering
Q4: GREM CertificationKariyer Hedefi:
TEXT
Junior Malware Analyst → Malware Analyst → Senior Malware Analyst → Threat Intel Lead
Yıllık maaş beklentisi: $85K-$140K+ (US market)🎓 İleri Seviye Sertifikalar
OSEP (Offensive Security Experienced Pentester)
Odak: Evasion, AV/EDR bypass, advanced exploitation
Hazırlık Süresi: 6-9 ay
İçerik:
TEXT
• Process injection & migration
• AV/EDR evasion
• AMSI bypass
• Lateral movement (advanced)
• Linux & Windows AD attacks
• Custom payload developmentÖnerilen Yol:
TEXT
1. PEN-300 course (3 ay)
2. Practice labs (2-3 ay)
3. HTB Pro Labs (1-2 ay)
4. Exam (48 saat + 24 saat rapor)CRTO/CRTE (Certified Red Team Operator/Expert)
Odak: Active Directory, Red Team operations
Hazırlık Süresi: 4-8 ay
İçerik:
TEXT
• AD enumeration advanced
• Kerberos attacks deep dive
• Domain dominance
• Forest/Domain trust exploitation
• ADCS attacks
• Red Team methodologyÖnerilen Yol:
TEXT
1. PentesterAcademy AD courses
2. HTB AD machines (10+)
3. Custom AD lab practice
4. Exam (24/48 saat)OSWE (Offensive Security Web Expert)
Odak: White-box web application testing
Hazırlık Süresi: 6-9 ay
İçerik:
TEXT
• Code review (PHP, Java, C#, JavaScript)
• Custom exploit development
• Advanced web attacks
• Blind injection techniques
• Source code static analysisGREM (GIAC Reverse Engineering Malware)
Odak: Malware analysis, reverse engineering
Hazırlık Süresi: 6-12 ay
İçerik:
TEXT
• Malware behavioral analysis
• Assembly & debuggers
• Unpacking & de-obfuscation
• Memory forensics
• Malware analysis automation💼 Kariyer Hedefleri
Red Team Path
TEXT
Entry → Junior Red Team Operator ($70K-$90K)
↓ 2-3 years
Mid → Red Team Operator ($90K-$120K)
↓ 3-5 years
Senior → Senior Red Team Operator ($120K-$150K)
↓ 5+ years
Lead → Red Team Lead ($150K-$200K+)Cloud Security Path
TEXT
Entry → Cloud Security Engineer ($80K-$100K)
↓ 2-3 years
Mid → Senior Cloud Security Engineer ($110K-$140K)
↓ 3-5 years
Senior → Cloud Security Architect ($140K-$180K+)Research Path
TEXT
Entry → Security Researcher ($75K-$100K)
↓ 3-5 years
Senior → Senior Researcher ($110K-$150K)
↓ 5+ years
Lead → Principal Researcher ($150K-$250K+)Bug Bounty (Full-Time)
TEXT
Part-time → Side income ($5K-$20K/year)
↓ 1-2 years
Full-time → Main income ($50K-$100K+/year)
↓ 2-3 years
Top Hunter → Leaderboard ($150K-$500K+/year)✅ İleri Seviye Tamamlama Kriterleri
TEXT
□ Uzmanlaşma: Bir alanda derinlemesine uzmanlık
□ Sertifika: İleri seviye sertifika (OSEP/CRTO/OSWE/GREM)
□ Tool: Kendi tool/framework geliştirdim
□ Research: CVE/0-day buldum veya research yayınladım
□ Content: Blog/YouTube/Conference konuşması yaptım
□ Topluluk: Aktif mentor ve katkıda bulunuyorum
□ Profesyonel: Sektörde çalışıyorum veya consultant'ım
□ Network: Sektörde geniş network kurdum🌟 Son Söz
İleri seviyeye ulaştınız! Artık:
- Mentor olun: Yeni başlayanlara yol gösterin
- Paylaşın: Bilginizi toplulukla paylaşın
- Geliştirin: Yeni tool ve teknikler geliştirin
- Araştırın: 0-day research yapın
- Eğitin: Kurslar ve eğitimler verin
Başarılarınızın devamını dileriz! 🚀