killchain-compendium/README.md
2023-08-11 17:38:34 +02:00
# KillChain Compendium - A Concise Security Handbook
The "KillChain Compendium" is a steadily growing, organized collection of in-depth resources, insights, and practical guidance, structured within the framework of the Kill Chain methodology. It serves as a comprehensive reference manual, offering knowledge and strategies for navigating the world of hacking, penetration testing, and cybersecurity. Whether you're an aspiring hacker, a seasoned security professional, or anyone seeking to delve into the intricacies of securing digital systems, the "KillChain Compendium" provides insights into each stage of the cyber kill chain while offering notes, actionable advice and real-world examples to bolster your understanding and capabilities in this complex field.
## Penetration Testing
Penetration testing, often referred to as pen testing, is a systematic and controlled process of evaluating the security of computer systems, networks, applications, and environments. The primary objective of penetration testing is to identify vulnerabilities and weaknesses that could potentially be exploited by malicious actors.
## Penetration Testing Standards
* [Pentesting Execution Standard](http://www.pentest-standard.org/index.php/Main_Page)
  An authorized audit of the security of computer systems and networks.
* [Rules of Engagement -- Cheat Sheet](https://sansorg.egnyte.com/dl/bF4I3yCcnt/?) and [redteam.guide ROEs](https://redteam.guide/docs/templates/roe_template/)
  * Permissions
  * Engagement --> internal/external pentest or adversary emulation of APTs
  * Scope --> networks, IPs, exfiltration of data, which stage, downtime, DDoS
  * Rules
  * NDA
## Pen Test Campaign
* [Checklist](https://redteam.guide/docs/checklists/red-team-checklist/)
* [vectr.io](https://vectr.io)
* Engagement --> Concept of Operations (CONOPS), Resource and Personnel Requirements, Timelines
* Operations --> Operators, Known Information, Responsibilities
* Mission --> Exact commands to run and execution time of the engagement
* Remediation --> Report, Remediation consultation
## Methodology
* Steps
  * Reconnaissance
  * Enumeration/Scanning
  * Gaining Access
  * Privilege Escalation
  * Covering Tracks
  * Reporting
### Reconnaissance
* DuckDuckGo / SearX / MetaCrawler / Google
* Wikipedia
* [Shodan.io](http://www.shodan.io)
* PeopleFinder.com
* who.is
* sublist3r
* hunter.io
* builtwith.com
* wappalyzer
### Enumeration
* nmap
* nikto
* gobuster
* dirbuster
* metasploit
* enum4linux / linpeas / winpeas / linenum
### Exploitation
### Post Exploitation
* Pivoting
#### Privilege Escalation
* Vertically or horizontally
#### Covering Tracks
#### Reporting
* Includes
  * Vulnerabilities
  * Criticality
  * Description
  * Countermeasures
  * Finding summary
## Frameworks
* [OSSTMM3](https://www.isecom.org/OSSTMM.3.pdf)
* [NIST](https://www.nist.gov/cyberframework)
* [CAF](https://www.ncsc.gov.uk/collection/caf/caf-principles-and-guidance)
* [Atomic Red Team](https://github.com/redcanaryco/atomic-red-team) as a practical approach