Linux is not optional. learn about workflows, tips and tricks
AD is the backbone of many companies. Knowing about it is essential
huge topic – obviously. Find some usefull tools and tricks below
putting it all together: using tools and knowledge to make things more secure
In many cases you will find yourself doing the follwoing steps over and over again.
That doesn’t mean that its boring.
It just means there is a certain methodology you follow.
Of course depending on the scope of your pen test you might not do every step.
what infrastructure are they running? what servers, routers, etc.?
what type of services are they exposing to the outside world?
what are the versions and configurations of these services.
are there any knows weaknesses for the combinations OS/Service/version?
When you investigated all this and gathered all that information it is all about finding a clever way to use that info to create an attack vector and then use the right tools to execute it.
while we learn and gain more experience we take notes – obviously.
Instead of keeping them private to us we share them here.
Most of the content here will assume you know how things work in general – you just need some reminder how this tool or that protocol works.
If that sounds good to you – dive right in.
Click me!