> For the complete documentation index, see [llms.txt](https://pentest.mxhx.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://pentest.mxhx.org/readme.md).

# Homepage

## Pentest Workflow

| Stage                                          | Details                                                                   |
| ---------------------------------------------- | ------------------------------------------------------------------------- |
| [Prep](/01-prep.md)                            | Plan. Scope. Investigate, OSINT, Recon                                    |
| [Scan](/02-scanning.md)                        | nmap, nikto, burp, fuzzing                                                |
| [Getting In](/03-getting-in.md)                | Find your foothold. Exploit a service. Get user access.                   |
| [WebApps](/04-webapps.md)                      | WebApps are full of vulnerabilities: IIS, LFI, SQLi, php, wordpress       |
| [Password & Ciphers](/05-passwords-ciphers.md) | Cipher, Decrypt, Stego, Hash Cracking, Dictionaries, Hydra                |
| [Linux PrivEsc](/06-linux-privesc.md)          | Enum > PrivEsc > Exploit ... Plus: Pivots, Moving Files, Tricks           |
| [Windows PrivEsc](/07-win-privesc.md)          | Enum > PrivEsc > Exploit ... Plus: Active Directory, Kerberos, Powershell |
