/
Penetration Testing
Penetration Testing
1
Reconnaissance and Enumeration
1.1
Reconnaissance
1.2
Passive Reconnaissance
1.3
DNS Enumeration
1.4
Port Scanning
1.5
SMB Enumeration
1.6
SMTP Enumeration
1.7
SNMP Enumeration
1.8
Vulnerability Scanning
2
Web Exploitation
2.1
Web Application Testing
2.2
API Enumeration
2.3
Burp Suite
2.4
Cross-Site Scripting
2.5
Directory Traversal
2.6
File Inclusion
2.7
File Upload Vulnerabilities
2.8
Command Injection
2.9
SQL Injection
3
Social Engineering
3.1
Phishing Basics
3.2
Malicious Payloads
3.3
Client-Side Exploitation
4
Defense Evasion
4.1
How Antivirus Works
4.2
On-Disk Evasion
4.3
In-Memory Evasion
5
Credential Attacks
5.1
Online Password Attacks
5.2
Cracking Hashes
5.3
NTLM and Pass-the-Hash
5.4
Net-NTLMv2
5.5
Credential Guard
6
Privilege Escalation
6.1
Enumerating Windows
6.2
Hijacking Windows Services
←
Wireless Communications
Psychology
→