3. Penetration Testing Documentation

Notes from learning penetration testing

3.1. Software

  • ActivePresenter software
  • OBS broadcast software

3.2. Important websites for PT

- cvedetails.com
- getgophish.com
- attack.mitre.org
- temp-mail.org
- temp-number.org
- proton.me
- tutanota.com
- haveibeenpwned.com
- cmkai.cz
- portswigger.com
- bandicam.com
- meyerweb.com
- base64decode.org
- bugcrowd.com
- jwt.io (JSON web token)
- https://vulners.com/zdt/1337DAY-ID-30003 (local privilege escalation script)
- https://github.com/DominicBreuker/pspy
- https://gtfobins.github.io/ (curated list of Unix binaries)
- https://github.com/sushiwushi/bug-bounty-dorks/blob/master/dorks.txt

3.3. Get Subdomains list

subfinder and amass list the subdomains of a given domain.

# subfinder -silent -d hackerone.com
# amass enum -passive -d hackerone.com

3.4. Accessible websites from the subdomain list

httpx reports the HTTP status of each website.

# amass enum -passive -d hackerone.com | httpx -sc  # gives the status of all sites
# amass enum -passive -d hackerone.com | httpx -mc 200  # gives only accessible sites with HTTP code 200
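
Added example, not part of the original notes: the two enumeration tools overlap and can return wildcard, mixed-case or look-alike names, so this filter normalises and de-duplicates their merged output and keeps only hosts under the in-scope root domain before anything is probed. The function names in_scope_hosts and sample_hosts and the sample hostnames are assumptions made for illustration.

```shell
# Keep only hostnames that are the root domain itself or a true subdomain of it.
# $1 = in-scope root domain; candidate hostnames arrive on stdin, one per line.
in_scope_hosts() {
    root=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    tr '[:upper:]' '[:lower:]' |
    # strip whitespace/CR, a leading "*." wildcard label and a trailing root dot
    sed -e 's/[[:space:]]//g' -e 's/^\*\.//' -e 's/\.$//' |
    awk -v root="$root" '
        $0 == root { print; next }
        # require a literal "." before the root so "notexample.com" is rejected
        length($0) > length(root) + 1 &&
        substr($0, length($0) - length(root)) == "." root { print }
    ' |
    LC_ALL=C sort -u
}

# Constructed sample input (not real tool output).
sample_hosts() {
    printf '%s\n' 'API.example.com' 'api.example.com.' '*.dev.example.com' \
        'example.com' 'notexample.com' 'example.com.evil.test' '' 'www.example.com'
}

# Wiring it into the commands from these notes (d holds the in-scope domain):
#   { subfinder -silent -d "$d"; amass enum -passive -d "$d"; } \
#       | in_scope_hosts "$d" | httpx -mc 200
```

Running sample_hosts | in_scope_hosts example.com prints the four in-scope names once each and drops the two look-alike domains.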

3.5. Reading topics

Research the following topics:

# chkrootkit
# pspy