Analysis updated 2026-05-18
Follow the 18 phases in order to build offensive security skills from scratch.
Look up recommended free tools and resources for a specific red team topic.
Compare red teaming, penetration testing, and bug bounty hunting as career paths.
Find which certifications matter for a target stage of the roadmap.
| keraattin/red-team-roadmap | 0xhossam/uncanny | 89171/web3-101 | |
|---|---|---|---|
| Stars | 12 | 12 | 12 |
| Language | — | C | — |
| Setup difficulty | easy | hard | easy |
| Complexity | 2/5 | 5/5 | 1/5 |
| Audience | developer | researcher | general |
Figures from each repo's GitHub metadata at analysis time.
It is a reading roadmap, not software, so there is nothing to install.
This repository is a structured learning roadmap for people who want to become red team operators, the professional term for security specialists hired to simulate how real attackers break into an organization's systems. The roadmap is organized into 18 phases and is designed to take someone from complete beginner to a job-ready offensive security professional over 12 to 24 months, depending on available study hours per week. The first six phases cover foundations that everything else depends on: how computer networks work, how to use Linux and Windows at a deeper level than most everyday users, how to write basic scripts and read code, and how web applications are structured. The author is explicit that these phases cannot be skipped. After the foundations, the roadmap moves into more specialized territory: reconnaissance and open-source intelligence gathering, network attacks, Active Directory (the system large organizations use to manage user accounts and permissions), privilege escalation, and lateral movement between machines inside a network. The later phases cover techniques that require the earlier knowledge to make sense: command-and-control frameworks (the infrastructure attackers use to communicate with compromised machines), evading antivirus and detection software, initial access via phishing, attacking cloud environments, and testing AI systems for security weaknesses. Phase 16 lists practice lab environments. Phase 17 maps out certifications in the field, and Phase 18 covers how to find a job. The roadmap lists over 100 specific tools, 200 free resources, recommended books, podcasts, YouTube channels, communities, and conferences. The author distinguishes between red teaming, penetration testing, and bug bounty hunting, which are three related but different career paths that are commonly confused. The recommended total study time is 900 to 1,200 hours, and the author notes that attempting to skip directly to advanced topics without the foundations is a common mistake that leads to frustration.
A free, structured 18 phase roadmap that walks a beginner through everything needed to become a red team operator, with tools, certifications, and study resources for each stage.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.