botesjuan/PenTestMethodology
Penetration Testing Methodology
Thanks for the supported coffee, \o/


  • Reconnaissance Unauthenticated
    • Initial Network Enumeration
    • Passive Reconnaissance
    • Active Host Discovery
    • Detect Active Directory Domain
    • MITM - LLMNR/NBT-NS Poisoning
    • Crack NTLMv2 hashes stolen
  • Enumeration Unauthenticated
    • RID Bruteforce Enumerate
    • Brute Forcing
    • Username as Password Attack
    • Password Spraying
  • Authenticated Initial Access
    • AD Password Policy
    • Vulnerability Scanning
    • ESC7 Certificate Authority
    • Coercing Authentication
    • PetitPotam - Authenticated
    • Coercer Tool Identify vulnerabilities
    • Active Directory Enumeration
      • Computer Account Admin
      • Users Generic Write All
      • Targeted Kerberoasting attack
    • Relay Attacks
      • NTLM Relay
    • Kerberos
    • Convert kirbi to Ccache
    • Dump KRBTGT Hash
  • Persistence or Lateral
    • ESC8 NTLM Relay to AD CS
      • Lab CA Configuration
      • Check CA for NTLM
      • CA Enumeration
      • Start NTLM Relay
      • Coercing DC
      • Stolen Certificate
      • Authenticate as DC
      • Computer DCSYNC Attack
      • User DCSYNC Attack
    • Certificate Authority Exploit ESC1..ESC16
    • Other Relay & MITM References
    • IPv6 attacks
  • Arsenal inventory reference of pentest commands
  • Reconnaissance
  • Enumeration
  • Research
  • Exploitation
    • Hosting
    • File transfer
    • Shells & Payloads
    • Cracking
    • Exploits
    • Metasploit
    • Code Reverse Engineering
  • POST Exploitation
    • Microsoft Windows / AD
    • Linux
  • Attacking Systems
    • Active Directory
    • Email / SMTP / Microsoft Exchange / Outlook Web Access
    • Printers
    • DNS
    • Oracle
    • Wireless
    • OT, SCADA, PLC & EWS
  • Android
  • IOS Apple
  • AWS
  • Google
  • Azure
  • Oracle
  • Prompt Injection
  • API Exploit
  • Agentic Attacks
  • Microsoft Defender
  • Carbon Black
  • Falcon Crowdstrike
  • Sophos
  • Kaspersky

{
context:'AI LLM Agents are only as powerful as the hands that use them.',
objective:'Tools can reveal a crack in our armor.',
mission:'Our job is to identify and seal the cracks in the armor.',
principles:'Best hackers think like attackers, but act as protectors.',
vision:'Stay curious, stay ethical, and keep learning.'
}

About

A structured, actionable penetration testing methodology and checklist covering end-to-end engagement phases.