Knowledge Base for Penetration Testing
Network scanning is the process of gathering information about computing systems on a network. It is used mostly for assessing system security and performing maintenance, but can also be used by hackers to attack the network. Network scanning is usually the first step in active reconnaissance, where the attacker seeks to discover potentially vulnerable targets. […]
Shoulder Surfing Shoulder surfing is a social engineering attack in which the attacker observes a target’s behavior without the target noticing. The target is typically at their computer or other device, and may be working with sensitive information or inputting their credentials into an authentication system. The attacker, who is behind the target, is able […]
Weaponization is the process of turning the results of passive reconnaissance into directions or launch points for active reconnaissance and preliminary attacks. This will ensure that the more overt phases of the pen test process are influenced by your previous actions, rather than being isolated and therefore missing out on key information that could enhance […]
Scanning Tools Credential Testing Tools Debugging Tools Software Assurance Tools OSINT Tools Wireless Tools Web Proxy Tools Social Engineering Tools Remote Access Tools Networking Tools Mobile Tools Miscellaneous Tools Command & Control Servers Open Source Commercial
Pen Testing Standards and Frameworks Several sets of standards and frameworks have been developed to provide a common base of understanding and expectation for pen tests. Some examples have been listed below. CHECK framework The Open Web Application Security Project (OWASP) Testing Framework Open Source Security Testing Methodology Manual (OSSTMM) Penetration Testing Execution Standard (PTES) […]
Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10
https://sqlmap.org/ Useful commands -u URL, –url=URL Target URL (e.g. “www.target.com/vuln.php?id=1”)–data=DATA Data string to be sent through POST-p TESTPARAMETER Testable parameter(s) README.pdf/usr/share/sqlmap/doc/README.pdf Example command to call sqlmap to scan a URL with the opening at the search parameter using a UNION based attack technique At the end of that command set some more properties […]
https://tryhackme.com/room/networkservices2 NFS allows a system to share directories and files with others over a network. By using NFS, users and programs can access files on remote systems almost as if they were local files. It does this by mounting all, or a portion of a file system on a server. The portion of the file […]
File Transfer Protocol (FTP) is a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this, and relays commands and data in a very efficient way. The standard port is 21. A typical FTP session operates using two channels: The command channel is used for transmitting […]
If this service is running, it is a bright red flag that should be looked into immediately. Telnet does not require credentials. TryHackMe has a paid room that teaches Telnet. https://tryhackme.com/room/networkservices Telnet is an application protocol which allows the use of a telnet client to connect and execute commands on a remote machine that’s hosting […]
by 
