KillChain Compendium: PenTest & Security Handbook
Repository by Stefan Friese (last commit 2022-09-20). Top-level contents: crypto, enumeration, exfiltration, exploit, forensics, hashes, misc, osint, persistence, post exploitation, reverse engineering, reverse shells, stego, .gitmodules, README.md

README.md

Pentesting

Campaign

  • Checklist

  • vectr.io

  • Engagement --> Concept of Operations (CONOPS), Resource and Personnel Requirements, Timelines

  • Operations --> Operators, Known Information, Responsibilities

  • Mission --> Exact commands to run and execution time of the engagement

  • Remediation --> Report, Remediation consultation

Methodology

  • Steps
    • Reconnaissance
    • Enumeration/Scanning
    • Gaining Access
    • Privilege Escalation
    • Covering Tracks
    • Reporting

Reconnaissance

  • Duck / SearX / metacrawler / google
  • Wikipedia
  • Shodan.io
  • PeopleFinder.com
  • who.is
  • sublist3r
  • hunter.io
  • builtwith.com
  • wappalyzer

Enumeration

  • nmap
  • nikto
  • gobuster
  • dirbuster
  • metasploit
  • enum4linux / linpeas / winpeas / linenum

Exploitation

Post Exploitation

  • Pivoting

Privilege Escalation

  • Vertically or horizontally

Covering Tracks

Reporting

  • Includes
    • Vulnerabilities
    • Criticality
    • Description
    • Countermeasures
    • Finding summary

Frameworks

Testing Webapps

  • Two methods
    1. Every page and its functions one by one
    2. Test by stages
      • Authorization
      • Authentication
      • Injection
      • Client Side Controls
      • Application Logic