Homepage

Pentest Workflow

Stage
Details

Prep

Plan. Scope. Investigate, OSINT, Recon

Scan

nmap, nikto, burp, fuzzing

Getting In

Find your foothold. Exploit a service. Get user access.

WebApps

WebApps are full of vulnerabilities: IIS, LFI, SQLi, php, wordpress

Password & Ciphers

Cipher, Decrypt, Stego, Hash Cracking, Dictionaries, Hydra

Linux PrivEsc

Enum > PrivEsc > Exploit ... Plus: Pivots, Moving Files, Tricks

Windows PrivEsc

Enum > PrivEsc > Exploit ... Plus: Active Directory, Kerberos, Powershell

NextPentest Links

Last updated