# Homepage

## Pentest Workflow

| Stage                                                               | Details                                                                   |
| ------------------------------------------------------------------- | ------------------------------------------------------------------------- |
| [Prep](https://pentest.mxhx.org/01-prep)                            | Plan. Scope. Investigate, OSINT, Recon                                    |
| [Scan](https://pentest.mxhx.org/02-scanning)                        | nmap, nikto, burp, fuzzing                                                |
| [Getting In](https://pentest.mxhx.org/03-getting-in)                | Find your foothold. Exploit a service. Get user access.                   |
| [WebApps](https://pentest.mxhx.org/04-webapps)                      | WebApps are full of vulnerabilities: IIS, LFI, SQLi, php, wordpress       |
| [Password & Ciphers](https://pentest.mxhx.org/05-passwords-ciphers) | Cipher, Decrypt, Stego, Hash Cracking, Dictionaries, Hydra                |
| [Linux PrivEsc](https://pentest.mxhx.org/06-linux-privesc)          | Enum > PrivEsc > Exploit ... Plus: Pivots, Moving Files, Tricks           |
| [Windows PrivEsc](https://pentest.mxhx.org/07-win-privesc)          | Enum > PrivEsc > Exploit ... Plus: Active Directory, Kerberos, Powershell |