Chapter 8: Penetration Testing
Types of Pen Testing
Unknown Environment (Black Box)
Known Environment (White Box)
Partially Known Environment (Gray Box)
Pen Testing Concepts
Rules of Engagement
Scope: specific systems, networks etc.
IP ranges and CIDR
Tools
Documented/signed removal of tools from systems
Time frame
Exploitation
Escalation
Lateral Movement
Privilege Escalation
Cleanup
Bug Bounty
Pivoting
Persistence
Active vs Passive Reconnaissance
Drones
War Flying
War Driving
Footprinting
OSINT: Open Source Intelligence
MITRE CVE database (one of the most important references to know): https://cve.mitre.org/
The Exploit Database: https://www.exploit-db.com/
Google Dorking
Top-tier OSINT tool: Maltego
Security Teams
- Red
- Blue
- Purple
- White
Sites to Practice Pen Testing
OWASP Juice Shop: https://juice-shop.herokuapp.com/
Gruyere: https://google-gruyere.appspot.com/
XSS-Game: https://xss-game.appspot.com/