Stefan Friese
9f09057a86
|
||
|---|---|---|
| Cryptography | ||
| Enumeration | ||
| Exfiltration | ||
| Exploits | ||
| Forensics | ||
| Hashes | ||
| Miscellaneous | ||
| Open Source Intelligence | ||
| Persistence | ||
| Post Exploitation | ||
| Reverse Engineering | ||
| Reverse Shells | ||
| Steganography | ||
| README.md | ||
README.md
Pentesting
- Pentesting Execution Standard Authorized audit of security systems of computers and networks.
- Rules of Engagement -- Cheat Sheet and redteam.guide ROEs
- Permissions
- Engagement --> internal/external pentest or adversary emulation of APTs
- Scope --> networks, IPs, exfilration of data, which stage, downtime, DDoS
- Rules
- NDA
Campaign
-
Engagement --> Concept of Operations (CONOPS), Resource and Personnel Requirements, Timelines
-
Operations --> Operators, Known Information, Responsibilities
-
Mission --> Exact commands to run and execution time of the engagement
-
Remediation --> Report, Remediation consultation
Methodology
- Steps
- Reconnaissance
- Enumeration/Scanning
- Gaining Access
- Privilege Escalation
- Covering Tracks
- Reporting
Reconnaissance
- Duck / SearX / metacrawler / google
- Wikipedia
- Shodan.io
- PeopleFinder.com
- who.is
- sublist3r
- hunter.io
- builtwith.com
- wappalyzer
Enumeration
- nmap
- nikto
- gobuster
- dirbuster
- metasploit
- enum4linux / linpeas / winpeas / linenum
Exploitation
Post Exploitation
- Pivoting
Privilege Escalation
- Vertically or horizontally
Covering Tracks
Reporting
- Includes
- Vulnerabilities
- Criticality
- Description
- Countermeasures
- Finding summary
Frameworks
Testing Webapps
- Two methods
- Every Page and its functions one by one
- Test by stages
- Authorization
- Authentication
- Injection
- Client Side Controls
- Application Logic