method_0_intro
This is an old revision of the document!
Table of Contents
PenTest Methodology
Six Stages
During a PenTest you generally follow these six steps:
- Pre-Engagement: Planning & Scope
- Recon: Information Gathering
- Scanning
- Exploitation
- Post-Exploitation
- Post-Engagement: Report
Essential
Most important out of the six:
- Recon (info gathering)
- Scanning & Enumeration
- If you do those two right and well, you should have no problem getting to where you need to go.
- Therefore, if you are having problems getting to where you need to go, you probably missed something in your scanning and enumeration.
Enumeration
All enumeration means is “build a list.” You enumerate throughout this process; enumeration is essential for a successful hack.
Practice
VulnHub
VulnHub has a lot of practice machines you can download.
- VulnHub machines are virtual machines (VMs) and are built for VMWare.
- Debian 10 (Buster) runs VMWare Workstation fine. Debian 11 (Bullseye)… not so much.
List of VulHub machines similar to OSCP:
TryHackMe
Cyber security training through short, gamified, real-world labs. Content for complete beginners and seasoned hackers.
Hack The Box
method_0_intro.1664048532.txt.gz · Last modified: by gman