killchain-compendium/pentesting.md

# Methodology

* Steps
    * Reconnaissance
    * Enumeration/Scanning
    * Gaining Access
    * Privilege Escalation
    * Covering Tracks
    * Reporting

## Reconnaissance
* Duck / SearX / metacrawler / google
* Wikipedia
* [Shodan.io](http://www.shodan.io)
* PeopleFinder.com
* who.is
* sublist3r
* hunter.io
* builtwith.com
* wappalyzer

## Enumeration
* nmap
* nikto
* gobuster
* dirbuster
* metasploit
* enum4linux / linpeas / winpeas / linenum

## Exploitation

## Privilege Escalation

## Covering Tracks

## Reporting
* Includes
    * Vulnerabilities
    * Criticality
    * Description
    * Countermeasures 
    * Finding summary
second commit 2021-08-23 01:13:54 +02:00			`# Methodology`

			`* Steps`
			`* Reconnaissance`
			`* Enumeration/Scanning`
			`* Gaining Access`
			`* Privilege Escalation`
			`* Covering Tracks`
			`* Reporting`

			`## Reconnaissance`
			`* Duck / SearX / metacrawler / google`
			`* Wikipedia`
			`* [Shodan.io](http://www.shodan.io)`
			`* PeopleFinder.com`
			`* who.is`
			`* sublist3r`
			`* hunter.io`
			`* builtwith.com`
			`* wappalyzer`

			`## Enumeration`
			`* nmap`
			`* nikto`
			`* gobuster`
			`* dirbuster`
			`* metasploit`
			`* enum4linux / linpeas / winpeas / linenum`

			`## Exploitation`

			`## Privilege Escalation`

			`## Covering Tracks`

			`## Reporting`
			`* Includes`
			`* Vulnerabilities`
			`* Criticality`
			`* Description`
			`* Countermeasures`
			`* Finding summary`