Methodology
Throughout all methodologies, exercise good note taking. This can help you identify gaps and help you
Use the command export IP=10.10.10.10 to make typing faster. You can then use ping $IP
A faster method is to add the IP to your /etc/hosts and give it a name.
Enumeration
Port Scan and Directory scanning
Recon
Visit web page
Anonymous/default login (SMB/FTP/Web)
Search
Search for service version exploits
Use notes
Initial Foothold
Enumerate and exfiltrate
Privilege Escalation
HackTricks's Pentesting Methodology:
CrowdStrike's Staying Off the Land: A Threat Actor Methodology