Methodology

From Wiki Aghanim
Revision as of 08:03, 8 June 2022 by imported>Aghanim

Step 1 - Enumeration

Scanning

  • Run NMAP default script on all ports. (nmap -sC -sV --min-rate 100 IP -oN output.txt)
  • /opt/nmapautomator FULL, UDP, VULN


Port Enumeration

  • Find service and versions
  • Find known service bugs
  • Find config issues
  • Find vulnerabilities using Searchsploit for every service/app available
  • Enumerate each service closely. Look at the header using nc/telnet.
  • Default credentials (admin:admin, admin:secret, admin:pass etc...)


Scanning

  • Nikto scan
  • Feroxbuster/gobuster (Remember -f switch! Remember to try different wordlists)
  • BurpSuite and look at the response. (Headers, URLs, Response, BurpPro to bruteforce)
  • Manually look at each site's request and response.
  • Find software versions
  • FUZZ every parameter


Step 2 - Initial Access

Step 3 - Privilege Escalation

gtfobins


Inspo:


https://guif.re/networkpentest#General%20methodology