diff --git a/README.md b/README.md index deca188..7080d9c 100644 --- a/README.md +++ b/README.md @@ -1 +1,80 @@ -my pentesting tools +# Pentesting +* [Pentesting Execution Standard](http://www.pentest-standard.org/index.php/Main_Page) +Authorized audit of security systems of computers and networks. +* [Rules of Engagement -- Cheat Sheet](https://sansorg.egnyte.com/dl/bF4I3yCcnt/?) and [redteam.guide ROEs](https://redteam.guide/docs/templates/roe_template/) + * Permissions + * Engagement --> internal/external pentest or adversary emulation of APTs + * Scope --> networks, IPs, exfilration of data, which stage, downtime, DDoS + * Rules +* NDA + +## Campaign +* [Checklist](https://redteam.guide/docs/checklists/red-team-checklist/) +* [vectr.io](https://vectr.io) + +* Engagement --> Concept of Operations (CONOPS), Resource and Personnel Requirements, Timelines +* Operations --> Operators, Known Information, Responsibilities +* Mission --> Exact commands to run and execution time of the engagement +* Remediation --> Report, Remediation consultation + +## Methodology + +* Steps + * Reconnaissance + * Enumeration/Scanning + * Gaining Access + * Privilege Escalation + * Covering Tracks + * Reporting + +### Reconnaissance +* Duck / SearX / metacrawler / google +* Wikipedia +* [Shodan.io](http://www.shodan.io) +* PeopleFinder.com +* who.is +* sublist3r +* hunter.io +* builtwith.com +* wappalyzer + +### Enumeration +* nmap +* nikto +* gobuster +* dirbuster +* metasploit +* enum4linux / linpeas / winpeas / linenum + +### Exploitation + +### Post Exploitation +* Pivoting +#### Privilege Escalation +* Vertically or horizontally + +#### Covering Tracks + +#### Reporting +* Includes + * Vulnerabilities + * Criticality + * Description + * Countermeasures + * Finding summary + +## Frameworks +* [OSSTMM3](https://www.isecom.org/OSSTMM.3.pdf) +* [NIST](https://www.nist.gov/cyberframework) +* [CAF](https://www.ncsc.gov.uk/collection/caf/caf-principles-and-guidance) + +## Testing Webapps + +* Two methods +1. Every Page and its functions one by one +2. Test by stages + * Authorization + * Authentication + * Injection + * Client Side Controls + * Application Logic diff --git a/metasploit.md b/misc/metasploit.md similarity index 100% rename from metasploit.md rename to misc/metasploit.md diff --git a/pentesting.md b/pentesting.md deleted file mode 100644 index 7080d9c..0000000 --- a/pentesting.md +++ /dev/null @@ -1,80 +0,0 @@ -# Pentesting -* [Pentesting Execution Standard](http://www.pentest-standard.org/index.php/Main_Page) -Authorized audit of security systems of computers and networks. -* [Rules of Engagement -- Cheat Sheet](https://sansorg.egnyte.com/dl/bF4I3yCcnt/?) and [redteam.guide ROEs](https://redteam.guide/docs/templates/roe_template/) - * Permissions - * Engagement --> internal/external pentest or adversary emulation of APTs - * Scope --> networks, IPs, exfilration of data, which stage, downtime, DDoS - * Rules -* NDA - -## Campaign -* [Checklist](https://redteam.guide/docs/checklists/red-team-checklist/) -* [vectr.io](https://vectr.io) - -* Engagement --> Concept of Operations (CONOPS), Resource and Personnel Requirements, Timelines -* Operations --> Operators, Known Information, Responsibilities -* Mission --> Exact commands to run and execution time of the engagement -* Remediation --> Report, Remediation consultation - -## Methodology - -* Steps - * Reconnaissance - * Enumeration/Scanning - * Gaining Access - * Privilege Escalation - * Covering Tracks - * Reporting - -### Reconnaissance -* Duck / SearX / metacrawler / google -* Wikipedia -* [Shodan.io](http://www.shodan.io) -* PeopleFinder.com -* who.is -* sublist3r -* hunter.io -* builtwith.com -* wappalyzer - -### Enumeration -* nmap -* nikto -* gobuster -* dirbuster -* metasploit -* enum4linux / linpeas / winpeas / linenum - -### Exploitation - -### Post Exploitation -* Pivoting -#### Privilege Escalation -* Vertically or horizontally - -#### Covering Tracks - -#### Reporting -* Includes - * Vulnerabilities - * Criticality - * Description - * Countermeasures - * Finding summary - -## Frameworks -* [OSSTMM3](https://www.isecom.org/OSSTMM.3.pdf) -* [NIST](https://www.nist.gov/cyberframework) -* [CAF](https://www.ncsc.gov.uk/collection/caf/caf-principles-and-guidance) - -## Testing Webapps - -* Two methods -1. Every Page and its functions one by one -2. Test by stages - * Authorization - * Authentication - * Injection - * Client Side Controls - * Application Logic diff --git a/pivoting.md b/post_exploitation/pivoting.md similarity index 100% rename from pivoting.md rename to post_exploitation/pivoting.md