Welcome to my Network Penetration Testing knowledge base. This section documents my methodology for assessing network infrastructure security, ranging from initial footprinting to privilege escalation and lateral movement.
These notes serve as both a personal reference and a portfolio of my technical competencies. This tutorial covers the following topics:
- Reconnaissance & OSINT: Passive information gathering, social media OSINT, proxychaining, etc.
- Active Information Gathering: Enumerating subdomains, basic evasion techniques, active scanning, etc.
- Vulnerability Assessment: Automated vulnerability scanners and more.
- Understanding Network Pentesting: Basic concepts of network pentesting, bind shells, reverse shells, some basic AMSI evasion techniques, etc.
- Performing Network Pentesting: Exploitation of different network protocols like SSH, RDP, WinRM and SNMP, discovering live hosts, etc.
- Post-Exploitation Techniques: Gaining a shell with pth-winexe, Impacket, MITM attacks, lateral movement and pivoting, etc.
- Command and Control Tactics: PowerShell Empire, Starkiller full tutorial.
- Active Directory Attacks: Understanding AD, enumeration, using BloodHound, etc.
- Advanced AD Attacks: Kerberos attacks, domain dominance.
UPCOMING TOPICS: Advanced OSINT using Perl, advanced pivoting using tools like chisel and ligolo-ng, DNS tunneling (practical), BGP hijacking (practical), detailed data exfiltration techniques using dnscat2, advanced AD enumeration, advanced AV bypass techniques, Sliver C2, web application penetration testing, wireless penetration testing, practical phishing campaigns.
Disclaimer: All information hosted here is for educational purposes and authorized security testing only.