I am trying to get into pen testing ( I am SE) and I already know how to use many tools (ZAP, Burp, meta…, sqlmap and many kali tools ) but I feel that I am just trying what work and what not and not really sure what I am doing.

Is there some manual or tactics which are saying how to start and if this does not work try this and than this … and how to recognize dead ends?

Not sure if I make it clear :slight_smile: