Homepage

Pentest Workflow

Stage	Details
Prep	Plan. Scope. Investigate, OSINT, Recon
Scan	nmap, nikto, burp, fuzzing
Getting In	Find your foothold. Exploit a service. Get user access.
WebApps	WebApps are full of vulnerabilities: IIS, LFI, SQLi, php, wordpress
Password & Ciphers	Cipher, Decrypt, Stego, Hash Cracking, Dictionaries, Hydra
Linux PrivEsc	Enum > PrivEsc > Exploit ... Plus: Pivots, Moving Files, Tricks
Windows PrivEsc	Enum > PrivEsc > Exploit ... Plus: Active Directory, Kerberos, Powershell

Stage

Details

Plan. Scope. Investigate, OSINT, Recon

nmap, nikto, burp, fuzzing

Find your foothold. Exploit a service. Get user access.

WebApps are full of vulnerabilities: IIS, LFI, SQLi, php, wordpress

Cipher, Decrypt, Stego, Hash Cracking, Dictionaries, Hydra