Posts

Enumerate using Google Using Google or other search engine we may be able to gather some valuable information. We can search for: Config files SQL File Username, Private keys, even passwords Error messages Any other technical messages Mostly i use following queries: #Find pages site: site.com #Find Subdomain site: site.com -www #Find files php/jsp/aspx/asp/cfm/sql site: site.com filetype:php #Find the page if match keywords in title site: site.com intitle: admin login #if the title match our keyword site: site....

For web pentesting, there are lots to be test. Below I have created a mandatory list what i never miss to test. The Goal? Reverse Shell! Note: This checklist created with help of owasp testing guide and with help of other resource found in the Internet. Recon/Enumeration Discover information using Google, Bing, Shodan, GitHub, Twitter, and LinkedIn Check if robots.txt, crossdomain.xml, clientaccesspolicy.xml, phpinfo.php sitemap.xml exist Identify Web Application Firewall Brute force subdomain DNS Reverse Lookup Brute Foce Files and Directory Analyze SSL Crawl entire site Find Emails, Employees, Phone numbers etc Wayback history Nmap Scan all ports(Including UDP) and do banner grabbing Identify input point Error Handling Request fake pages Try Different HTTP method such as TRACE, OPTIONS, DEBUG, NONE Request multiple parameters with different values(I....

I have written a cheat sheet for windows privilege escalation recently and updating continually. Privilege Escalation is a very important skills in real world pentesting or even for OSCP. So Whatever i have learned during my OSCP Journey, took note. I have organized my notes as a cheat sheet and decided to share publicly, in case it is useful for someone. These technique collected from various source in the Internet, Video and tested in HTB, CyberSecLabs, and in home labs....

In the OSCP exam, Only Gaining access is not enough. Most of the machines may require to escalate to higher privilege. To learn more about windows privilege escalation I have taken a course from Udemy, watching IPSec youtube video, and reading tutorials from various sources. Whatever i have learned, took note. I have organized my notes as a cheat sheet and now it is public. Note: A cheat sheet is not understandable without basic knowledge!...

While i was Studying for OSCP from various sources. I took note, made a quick cheat sheet, so that i don’t need to search same thing again and again. I am sharing this cheat sheet as i think it might be useful for someone. Enumeration Enumeration is most important part. All finding should be noted for future reference. Without enumeration, we will have hard time to exploit the target. Basic Enumeration Whenever I start pentesting an IP address, My First starting favorite tool is nmap....