All in one - Pentesting tools and commands usually used

k1shan-k/AIO-Pentesting

 
 

AIO-Pentesting

All in one Pentest methodologies - Tools and commands

A compilation of common materials for pentesters.

This document is divided into 2 phases; an overview is listed below:

  • Pre-Intrusion
    • Windows (To do) ❌
    • Linux ✔️
  • Intrusion
    • Windows (To do) ❌
    • Linux ✔️

⚠️ The full roadmap is below; be sure to check it out first

Overview

1. Reconnaissance

  • Google (specifically Google Dorking)
  • Wikipedia
  • Social Media (Instagram, Twitter, and Facebook)
  • PeopleFinder.com
  • who.is
  • sublist3r
  • hunter.io
  • builtwith.com
  • wappalyzer
  • dnsdumpster.com
  • shodan.io

2. Scanning & Enumeration

  • nmap (scan a target and tell us a wide variety of things)
  • dirb (used to find commonly-named directories on a website)
  • dirbuster (similar to dirb but with a cooler name, and with a user interface)
  • enum4linux (tool used specifically for Linux to find vulnerabilities)
  • metasploit (this tool is mostly used for exploitation, but it also has some built-in enumeration tools)
  • Burp Suite (this tool can be used to scan a website for subdirectories and to intercept network traffic)

3. Exploitation

  • Metasploit (many built-in scripts to try)
  • Burp Suite (exploit web applications)
  • SQLMap (exploit web applications)
  • msfvenom (for building custom payloads)
  • BeEF (browser-based exploitation)

4. Privilege Escalation

  • Windows: Administrator or System. (pwdump7, Ophcrack)
  • Linux: root

5. Covering Tracks & Reporting

  • The Finding(s) or Vulnerabilities
  • The CRITICALITY of the Finding
  • A description or brief overview of how the finding was discovered
  • Remediation recommendations to resolve the finding

Useful documents

CVE Databases

  1. NVD (National Vulnerability Database)
  2. Exploit-DB
  3. CVE MITRE

OS binary libraries

  1. GTFOBins for Unix binaries
  2. LOLBAS for Windows binaries

Built-in useful tools

tree /usr/share/webshells/
tree /usr/share/wordlists/

Real cyber attack kill chains

  1. Getting in
  2. Hacking through
  3. Taking it out
