My notes for pentesting

WORK IN PROGRESS! Many contents are short info, or just list of tools. In futer it will be extended to full descriptions and howto.

Contents:

General

• Network information gathering
  • Passive information gathering
    • Google hacking
    • Email harvesting
    • whois
    • recong-ng
  • Active information gathering
    • Subnet table
    • Network scanning
      • ARP
      • nmap
    • Enumeration
      • DNS
      • RPC
      • SMB
      • SMTP
      • POP3
      • SNMP
      • MSSQL
• Exploit Development
  • Windows Buffer Overflows
  • Linux Buffer Overflows
• Remote shells
  • netcat
  • ncat
• Transferring files
  • netcat
• Iptables
• OS enumeration
  • Linux
  • Windows
• HTTP scanning
  • Directory bruteforce
  • Server enum
  • SSL certificate testing
  • Misc scanners
  • Cloudflare
• Version mapping
  • IIS
  • Windows 10
  • Windows XP - 8.1
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2003 - 2012 R2

Webapp security

• Webapp security
  • Bypass .htaccess
    • TL;DR
    • Why its work?
    • References

Linux

• linux subsection

Tools

• tools subsection

Windows

• windows subsection