OLD Cheatsheets
Version 1
🎯 Overview 📋 Methodology Phases Standard penetration testing methodology: 🔍 Host Discovery - Identify live hosts and network topology 🔎 Service Scanning - Enumerate open ports and running services ⚡ Gain Access/Exploit - Exploit vulnerabilities to gain initial access 🛠️ Post-Exploitation - Maintain access and escalate privileges 📊 Survey - Gather information about the compromised system ⬆️ PrivEsc - Escalate privileges to higher-level accounts 🔄 Pivot - Use compromised systems to access additional networks Additional https://brandonrussell.io/OSCP-Notes/ 📚 Reference Frameworks Unified Kill Chain - Comprehensive attack framework MITRE ATT&CK - Adversarial tactics and techniques Lockheed Martin Cyber Kill Chain - Original kill chain methodology [https://www.varonis.com/blog/cyber-kill-chain](Varonis Kill Chain) - similar model Active Directory Attack-Defense 🔍 Searching Shodan.io: https://www.shodan.io/dashboard?language=en https://www.shodan.io/search/examples Censys: https://docs.censys.com/docs/ls-introductory-use-cases#/ Advanced Search Operators: https://github.com/cipher387/Advanced-search-operators-list?tab=readme-ov-file#socialmedia 🔍 Host Discovery Host discovery is the first phase of network reconnaissance, focused on identifying live hosts within a target network.
Version 2
📋 Meta: Penetration Testing Execution Standard (PTES) http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines Step Task 1. Get the user flag on your own 2. Get the root flag on your own 3. Write your technical documentation 4. Write your non-technical documentation 5. Compare your notes with the official write-up 6. Create a list of information you have missed 7. Watch video or read blog walkthrough and compare it with your notes
https://ippsec.rocks/?# - https://www.youtube.com/@vbscrub/videos - https://www.youtube.com/watch?v=CU9Iafc-Igs&list=PLF7JR1a3dLONdkRYU_8-5OcgOzrWe2549 - https://www.youtube.com/@LiveOverflow/videos - https://0xdf.gitlab.io/ 8. Expand your notes and documentation by adding the missed parts PowerShell: https://underthewire.tech/wargames {class=“children children-type-list children-sort-”}