Methodology

Throughout all methodologies, exercise good note taking. This can help you identify gaps and help you

Hack The Box (HTB)

Use command export IP=10.10.10.10 to make tying faster. You can then use ping $IP
A faster method is to add the IP to your /etc/hosts and give it a name.

Enumeration
- Port Scan and Directory scanning
Recon
- Visit web page
- Anonymous/default login (SMB/FTP/Web)
Search
- Search for service version exploits
- Use hacktricks Pentesting notes
Initial Foothold
- Enumerate and exfiltrate
Privilege Escalation

Penetration Testing

HackTricks's Pentesting Methodology: https://book.hacktricks.xyz/pentesting-methodology
CrowdStrike's Staying Off the Land: A Threat Actor Methodology https://www.crowdstrike.com/blog/staying-off-the-land-methodology/

PreviousWelcome!NextEthical Hacking

Last updated 3 years ago