The gMan nixWiki

Because the mind is made of Teflon...


Five Stages of a Hack

You go through each of these five stages during every pentest you do.

  1. Reconnaissance (active vs. passive)
    1. Active: Actually engage the target
    2. Passive: Googling, etc. (not directly against the target)
  2. Scanning & Enumeration (Nmap, Nessus, Nikto, etc.)
  3. Exploitation (gaining access)
  4. Maintaining Access
  5. Covering Your Tracks (clean up what you did, created, broke, etc.)

Lather, rinse, repeat…

Most important out of the five:

  1. Recon (info gathering)
  2. Scanning & Enumeration

If you do those two right and well, you should have no problem getting to where you need to go.

Therefore, if you are having problems getting to where you need to go, you probably missed something in your scanning and enumeration.


Practice

VulnHub has a lot of practice machines you can download.

  • VulnHub machines are virtual machines (VMs) and are built for VMware.
  • Debian 10 (Buster) runs VMware Workstation fine. Debian 11 (Bullseye)… not so much.

List of VulnHub machines similar to OSCP:

Zim

method_0_intro.1602069548.txt.gz · Last modified: by gman