SUMMARY.md

Table of contents

• 📝 eCPPT / PTP - Notes
  • eCPPTv3
    • 1️⃣ 1 - Resource Development & Initial Access
      • 1.1 - PowerShell for Pentesters
      • 1.2 - Client-Side Attacks
        • 1.2.1 - System/Host Based Attacks
          • 1.2.1.1 Windows Vulnerabilities
        • 1.2.2 - The Metasploit Framework (MSF)
          • 1.2.2.1 MSF Introduction
          • 1.2.2.2 Information Gathering & Enumeration
          • 1.2.2.3 Vulnerability Scanning
          • 1.2.2.4 Client-Side Attacks
          • 1.2.2.5 Post Exploitation
          • 1.2.2.6 Armitage
        • 1.2.3 Exploitation
        • 1.2.4 Social Engineering
    • 2️⃣ 2 - Web Application Penetration Testing
      • 2.1 - Web App Concepts
        • 2.1.1 HTTP/S Protocol
        • 2.1.2 Encoding
        • 2.1.3 Same Origin
        • 2.1.4 Cookies
        • 2.1.5 Session
        • 2.1.6 Web App Proxies
      • 2.2 - Information Gathering
        • 2.2.1 Gathering Information on Your Targets
        • 2.2.2 Infrastructure
        • 2.2.3 Fingerprinting Frameworks and Applications
        • 2.2.4 Fingerprinting Custom Applications
        • 2.2.5 Enumerating Resources
        • 2.2.6 Information Disclosure Through Misconfiguration
        • 2.2.7 Google Hacking
        • 2.2.8 Shodan HQ
      • 2.3 - Cross Site Scripting
        • 2.3.1 XSS Anatomy
        • 2.3.2 Reflected XSS
        • 2.3.3 Stored XSS
        • 2.3.4 DOM-Based XSS
        • 2.3.5 Identifying & Exploiting XSS with XSSer
      • 2.4 - SQL Injection
        • 2.4.1 Introduction to SQL Injection
        • 2.4.2 Finding SQL Injection
        • 2.4.3 Exploiting In-Band SQL Injection
        • 2.4.4 Exploiting Error-Based SQL Injection
        • 2.4.5 Exploiting Blind SQL Injection
        • 2.4.6 SQLMap
        • 2.4.7 Mitigation Strategies
        • 2.4.8 From SQLi to Server Takeover
      • 2.5 - Other Common Web Attacks
        • 2.5.1 Session Attacks
        • 2.5.2 CSRF
        • 2.5.3 File and Resource Attacks
    • 3️⃣ 3 - Network Security
      • 3.1 Network Based Attacks
      • 3.2 Linux Vulnerabilities
      • 3.3 - Exploitation
        • 3.3.1 Linux Exploitation
    • 4️⃣ 4 - Exploit Development
      • 4.1 Architecture Foundamentals
      • 4.2 Assemblers and Tools
      • 4.3 Buffer Overflow
      • 4.4 Cryptography
      • 4.5 Malware
      • 4.6 Shellcoding
    • 5️⃣ 5 - Post-Exploitation
      • 5.1 Linux Post-Exploitation
      • 5.2 - Linux Privilege Escalation
        • 5.2.1 Kernel Exploitation
        • 5.2.2 SUID Exploitation
        • 5.2.3 CronJobs
      • 5.3 - Post Expolitation / Pivoting
        • 5.3.1 Pivoting Guidelines
        • 5.3.2 Pivoting Example (3 Targets)
    • 6️⃣ 6 - ​Red Teaming
      • 6.1 - Active Directory Penetration Testing
        • 6.1.1 Introduction to Active Directory (AD)
          • 6.1.1.1 Users, Groups & Computers
          • 6.1.1.2 Organizational Units (OUs)
          • 6.1.1.3 Trees, Forest & Trust
        • 6.1.2 AD Authentication
        • 6.1.3 AD Penetration Testing Methodology
      • 6.1.4 AD Enumeration
      • 6.1.5 AD Privilege Escalation
      • 6.1.6 AD Lateral Movement
      • 6.1.7 AD Persistence
      • 6.2 - Command & Control (C2/C&C)
  • eCPPTv2
    • 1️⃣ 1 - ​System Security
      • 1.1 Architecture Foundamentals
      • 1.2 Assemblers and Tools
      • 1.3 Buffer Overflow
      • 1.4 Cryptography
      • 1.5 Malware
      • 1.6 Shellcoding
    • 2️⃣ 2 - Network Security
      • 2.1 System/Host Based Attacks
        • 2.1.1 Windows Vulnerabilities
      • 2.2 Network Based Attacks
      • 2.3 The Metasploit Framework (MSF)
        • MSF Introduction
        • Information Gathering & Enumeration
        • Vulnerability Scanning
        • Client-Side Attacks
        • Post Exploitation
        • Armitage
      • 2.4 Exploitation
      • 2.5 - Post Expolitation / Pivoting
        • 2.5.1 Pivoting Guidelines
        • 2.5.2 Pivoting Example (3 Targets)
      • 2.6 Social Engineering
    • 3️⃣ 3 - PowerShell for PT
      • 3.1 PowerShell
    • 4️⃣ 4 - Linux Exploitation
      • 4.1 Linux Vulnerabilities
      • 4.2 Linux Exploitation
      • 4.3 Linux Post-Exploitation
      • 4.4 Linux Privilege Escalation
        • 4.4.1 Kernel Exploitation
        • 4.4.2 SUID Exploitation
        • 4.4.3 CronJobs
    • 5️⃣ 5 - Web App Security
      • 5.1 - Web App Concepts
        • 5.1.1 HTTP/S Protocol
        • 5.1.2 Encoding
        • 5.1.3 Same Origin
        • 5.1.4 Cookies
        • 5.1.5 Session
        • 5.1.6 Web App Proxies
      • 5.2 - Information Gathering
        • 5.2.1 Gathering Information on Your Targets
        • 5.2.2 Infrastructure
        • 5.2.3 Fingerprinting Frameworks and Applications
        • 5.2.4 Fingerprinting Custom Applications
        • 5.2.5 Enumerating Resources
        • 5.2.6 Information Disclosure Through Misconfiguration
        • 5.2.7 Google Hacking
        • 5.2.8 Shodan HQ
      • 5.3 - Cross Site Scripting
        • 5.3.1 XSS Anatomy
        • 5.3.2 Reflected XSS
        • 5.3.3 Stored XSS
        • 5.3.4 DOM-Based XSS
        • 5.3.5 Identifying & Exploiting XSS with XSSer
      • 5.4 - SQL Injection
        • 5.4.1 Introduction to SQL Injection
        • 5.4.2 Finding SQL Injection
        • 5.4.3 Exploiting In-Band SQL Injection
        • 5.4.4 Exploiting Error-Based SQL Injection
        • 5.4.5 Exploiting Blind SQL Injection
        • 5.4.6 SQLMap
        • 5.4.7 Mitigation Strategies
        • 5.4.8 From SQLi to Server Takeover
      • 5.5 - Other Common Web Attacks
        • 5.5.1 Session Attacks
        • 5.5.2 CSRF
    • 6️⃣ 6 - ​Wi-Fi Security
      • 6.1 Traffic Analysis
    • 7️⃣ 7 - ​Metasploit & Ruby
      • 7.1 Metasploit
    • 📄 Report
      • How to write a PT Report
• 🛣️ RoadMap & My Experience
• 📔 eCPPT Cheat Sheet