Main Page
From pentestwiki.org
pentestwiki.org is a wiki dedicated to professional penetration testing, offensive security and ethical hacking. Based on standards such as PTES, CEH, OSSTMM among others.
Web Application Penetration Testing |
Intro Webapp |
Web Pentest Overview |
OWASP TOP 10 |
SSL/TLS attacks |
Webpentest through socks proxy |
PHP attacks |
Javascript attacks |
Mobile Apps (iOS, Android) Penetration Testing |
Static Analysis |
Dynamic Analysis |
Defence |
Infrastructure Penetration Testing |
PHASE I: Reconnaissance |
Passive reconnaissance |
Active reconnaissance |
PHASE II: Scanning |
PHASE III: Enumeration |
PHASE IV: Exploitation |
Password cracking |
Brute forcing |
SQL Exploitation |
msfvenom payloads |
Network infrastructure |
Cloud Providers Security |
Exploiting Cloud Infrastructure |
PHASE V: Post exploitation |
Shells |
Droppers |
Privilege Escalation |
Data exfiltration |
Meterpreter |
Sniffers |
PowerShell frameworks |
Password dumping |
RATs |
Escape environments |
PHASE VI: Covering Tracks |
PHASE VII: Lateral Movement |
PTH: Pass the hash |
PTT: Pass the ticket |
Pivoting |
Tunneling |
RDP |
Other references |
Tools and frameworks |
Standards, Guidelines, Frameworks |
Test/Lab environments |
Hardware hacking |
Other tools |
Twitter: @thepentestwiki
A Jacobo Avariento project.