Main Page
From pentestwiki.org
pentestwiki.org is a wiki dedicated to professional penetration testing, offensive security and ethical hacking. Based on standards such as PTES, CEH, OSSTMM among others.
| Web Application Penetration Testing |
| Intro Webapp |
| Web Pentest Overview |
| OWASP TOP 10 |
| SSL/TLS attacks |
| Webpentest through socks proxy |
| PHP attacks |
| Javascript attacks |
| Mobile Apps (iOS, Android) Penetration Testing |
| Static Analysis |
| Dynamic Analysis |
| Defence |
| Infrastructure Penetration Testing |
| PHASE I: Reconnaissance |
| Passive reconnaissance |
| Active reconnaissance |
| PHASE II: Scanning |
| PHASE III: Enumeration |
| PHASE IV: Exploitation |
| Password cracking |
| Brute forcing |
| SQL Exploitation |
| msfvenom payloads |
| Network infrastructure |
| Cloud Providers Security |
| Exploiting Cloud Infrastructure |
| PHASE V: Post exploitation |
| Shells |
| Droppers |
| Privilege Escalation |
| Data exfiltration |
| Meterpreter |
| Sniffers |
| PowerShell frameworks |
| Password dumping |
| RATs |
| Escape environments |
| PHASE VI: Covering Tracks |
| PHASE VII: Lateral Movement |
| PTH: Pass the hash |
| PTT: Pass the ticket |
| Pivoting |
| Tunneling |
| RDP |
Other references:
- Tools and frameworks
- Standards, Guidelines, Frameworks
- Test/Lab environments
- Hardware hacking
- Other tools
Twitter: @thepentestwiki
Contact: pentestwiki<at>defensahacker<dot>com
A Jacobo Avariento project.