- These are notes for pentesting, organised by methodology rather than by technology.
- Within each of the Reconnaissance, Vulnerability Assessment and Exploitation folders there are sub-folders for Network Pentest, WebApp Pentest and System Pentest.
- Fundamentals
- Network
- Web App
- System
The methodology used is as follows:

Pentesting is not a linear walk from Step 1 to Step 3: Steps 1 and 2 are to be treated as a loop, and Step 4 is the final step.
- Black Box Pentest: Passive Recon --> Active Recon (DNS Enum --> IP Netblock Enum) --> continue with the White Box Pentest chain below
- White Box Pentest: Live Host Enum --> Further DNS Enum --> OS Scanning --> Port Scanning --> Service Scanning --> Vulnerability Analysis --> Validation --> Exploit
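The white box chain above (live host enum --> port scanning --> service scanning) is really a pipeline in which each phase's output scopes the next. The script below is an added example, not code from these notes or from any linked resource: it builds the nmap command for each phase, parses nmap's XML output (`-oX -`) to pull the live hosts and then the open ports, and emits a per-host service scan limited to the ports that were actually found open. The function names are my own, the `SAMPLE_*` XML is constructed (not real scan data) so the chain can be exercised offline, and a real run assumes `nmap` is on `PATH` and enough privilege for ARP/SYN scans.

```python
# Added example (not from the original notes): drive the white-box recon chain
# live host enum -> port scan -> service scan with nmap, parsing each phase's
# XML output to scope the next. Assumes nmap is on PATH for a real run; the
# constructed SAMPLE_* XML below lets it run offline.
import subprocess
import xml.etree.ElementTree as ET


def ping_sweep_cmd(netblock):
    # Phase 1, live host enum: -sn = host discovery only, -oX - = XML on stdout.
    return ["nmap", "-sn", "-oX", "-", netblock]


def parse_live_hosts(xml_text):
    # Keep only hosts nmap reports as up (down hosts are listed in verbose runs).
    root = ET.fromstring(xml_text)
    live = []
    for host in root.findall("host"):
        status = host.find("status")
        addr = host.find("address[@addrtype='ipv4']")
        if status is not None and status.get("state") == "up" and addr is not None:
            live.append(addr.get("addr"))
    return live


def port_scan_cmd(hosts):
    # Phase 2, port scan on live hosts only: all 65535 TCP ports.
    return ["nmap", "-p-", "-oX", "-", *hosts]


def parse_open_ports(xml_text):
    # host -> sorted list of open TCP ports; filtered/closed ports are dropped.
    root = ET.fromstring(xml_text)
    result = {}
    for host in root.findall("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        ports = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if (port.get("protocol") == "tcp" and state is not None
                    and state.get("state") == "open"):
                ports.append(int(port.get("portid")))
        if ports:
            result[addr.get("addr")] = sorted(ports)
    return result


def service_scan_cmds(open_ports):
    # Phase 3, service scan: version detection and default scripts, only on the
    # ports found open, one command per host.
    return [
        ["nmap", "-sV", "-sC", "-p", ",".join(str(p) for p in ports), "-oX", "-", host]
        for host, ports in sorted(open_ports.items())
    ]


def run_nmap(cmd):
    # Real runner: ARP discovery and SYN scans need root; otherwise add -sT.
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout


def recon_chain(netblock, runner=run_nmap):
    # Chain phases 1-3; returns the open-port map and the phase-3 commands.
    live = parse_live_hosts(runner(ping_sweep_cmd(netblock)))
    if not live:
        return {}, []
    open_ports = parse_open_ports(runner(port_scan_cmd(live)))
    return open_ports, service_scan_cmds(open_ports)


# Constructed sample output (not real scan data) so the chain runs offline.
SAMPLE_SWEEP_XML = """<nmaprun scanner="nmap" args="nmap -sn -oX - 10.10.10.0/29" version="7.94">
<host><status state="up" reason="arp-response"/><address addr="10.10.10.5" addrtype="ipv4"/></host>
<host><status state="down" reason="no-response"/><address addr="10.10.10.6" addrtype="ipv4"/></host>
<host><status state="up" reason="echo-reply"/><address addr="10.10.10.7" addrtype="ipv4"/></host>
</nmaprun>"""

SAMPLE_PORTSCAN_XML = """<nmaprun scanner="nmap" args="nmap -p- -oX - 10.10.10.5 10.10.10.7" version="7.94">
<host><status state="up"/><address addr="10.10.10.5" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/><service name="http"/></port>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/><service name="ssh"/></port>
<port protocol="tcp" portid="445"><state state="filtered" reason="no-response"/></port>
</ports></host>
<host><status state="up"/><address addr="10.10.10.7" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="3389"><state state="open" reason="syn-ack"/><service name="ms-wbt-server"/></port>
</ports></host>
</nmaprun>"""


def offline_runner(cmd):
    # Stand-in for run_nmap that returns the constructed XML for each phase.
    return SAMPLE_SWEEP_XML if "-sn" in cmd else SAMPLE_PORTSCAN_XML


if __name__ == "__main__":
    open_ports, cmds = recon_chain("10.10.10.0/29", offline_runner)
    print(open_ports)  # {'10.10.10.5': [22, 80], '10.10.10.7': [3389]}
    for cmd in cmds:
        print(" ".join(cmd))
```

Swap `offline_runner` for the default `run_nmap` to run it against a real range. One caveat worth keeping in mind: `-sn` misses hosts that drop ICMP and ARP, so on a hardened segment re-run the port scan with `-Pn` against the whole netblock before concluding a host is down.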
Below are resources for pentest exams:
- https://tryhackme.com/room/relevant
- Buffer Overflow Practice
- https://tryhackme.com/room/internal
- https://tryhackme.com/room/wreath
- nmap Automation with Python
- Awesome Hacking Resources
- dostackbufferoverflowgood
- Pivoting with socks_proxy & Portfwd
- Pivoting with reverse Portfwd
- Get a Kali VM Image
- Additional things to install:
- seclists: `sudo apt-get -y install seclists`
- Best practice: revert to the last known-good snapshot before installing new tools, and once the new tools are verified, create a new snapshot.
Disclaimer: Firstly, I would like to indicate that a lot of the information was lifted from other websites and that content belongs to them (this is indicated on the pages). I thank all the people who share cyber-security related information for free on the Internet; it's because of you guys that I get to learn new tricks so conveniently and at low cost.