πŸ•ΈοΈ
Th4ntis CyberSec
  • πŸ•·οΈ>whoami_
  • πŸ–₯️General Info
    • CyberSec News
    • Getting Started and other Resources
      • CompTIA Certs
        • Security+
        • Pentest+
    • MITRE ATT&CK
    • Cyber Kill Chain
    • Docker
  • πŸ’»Networking
    • General Networking
    • Common Ports and Protocols
    • TCP/IP Model
    • OSI Model
    • Subnetting
    • Wireshark
    • NMap
    • Wireless
      • Wardriving/WiFi Sniffing
    • 3-Way Handshake
  • 🐧Linux
    • Common commands
    • Sudo
    • Files and File contents
    • Sed Awk and Grep
    • Permissions
  • πŸͺŸWindows
    • Event Codes
    • Powershell
    • Internals
    • Active Directory
  • πŸ”ŽOSINT
    • OSINT Tools
    • IP/Domain OSINT
    • Email/Username OSINT
    • URL OSINT and Sandboxing
    • Social Media OSINT
    • Website OSINT
    • Password OSINT
    • Physical Location OSINT
    • Image OSINT
    • People OSINT
    • Phone Number OSINT
    • Shodan
    • Google Dorking
  • πŸ› οΈTools
    • Brute Force
      • Hydra
    • Credential Dumping
      • Mimikatz
    • Enumeration
      • Bloodhound
      • Certipy
      • Dirb/Dirbuster
      • Enum4Linux
      • GoBuster
    • Exploitation Framework
      • Metasploit
      • Sliver
      • Cobalt Strike
    • Hash Cracking
      • Hashcat
      • JohnTheRipper
    • Methods
      • Powershell Obfuscation
      • Privilege Escalation
      • Pass-The-Hash
      • Kerberos and Kerberoasting
    • Vulnerability Scanners
      • Nessus
      • OpenVAS
    • Web App
      • BurpSuite
      • OWASP Zap
    • Wireless
      • Aircrack-ng
      • Kismet
      • Bettercap
      • HCXDumptool
      • Wifite
    • Impacket
    • Social-Engineer Toolkit (SET)
  • πŸ“”Guides and How-To's
    • Lab Setup
      • Ubuntu VM
      • Kali VM
      • Windows User VM
      • Windows Server VM
    • Wardriving
      • Pwnagotchi
    • Wireless Pentesting
      • WiFi Pineapple Basics
      • Evil-Twin Attack
    • Over The Wire
      • Bandit
      • Natas
      • Leviathan
      • Krypton
      • Narnia
      • Behemoth
      • Utumno
      • Maze
      • Vortex
      • Manpage
    • Docker and Kali Linux
    • Staying Private and goin Dark Online
  • πŸ“•Quick References
    • Tools
      • Tmux
      • NMap
      • Ffuf
      • NetExec
      • CrackMapExec
      • Proxychains
      • OneDriveUser Enum
      • Hashcat
    • One-liners
    • Reverse Shells
    • Post Exploitation
    • Enumeration
      • Google
      • Sublist3r
      • NMap
      • DNSDumpster
    • Hashcracking
    • Wireless
  • πŸ““Courses
    • PNPT
      • Practical Ethical Hacking
      • Windows Privilege Escalation
      • Linux Privilege Escalation
      • OSINT Fundamentals
      • External Pentest Playbook
  • ☁️TryHackMe
    • Attacking Kerberos
    • Hacking with Powershell
    • Powershell for Pentesters
    • Linux PrivEsc
    • Windows PrivEsc
    • Blue
    • Kenobi
  • πŸ“¦HackTheBox
    • Starting Point
      • Tier 0
        • Meow
        • Fawn
        • Dancing
        • Redeemer
        • Explosion
        • Preignition
        • Mongod
        • Synced
      • Tier 1
        • Appointment
        • Sequel
        • Crocodile
        • Responder
        • Three
        • Ignition
        • Bike
        • Funnel
        • Pennyworth
        • Tactics
      • Tier 2
        • Archetype
        • Oopsie
        • Vaccine
        • Unified
        • Included
        • Markup
        • Base
    • Walkthroughs
      • Lame
      • Analytics
      • Manager
      • Codify
Powered by GitBook
On this page
  • Networking Refresher
  • Intro to Linux
  • Lab Setup
  • Intro to Linux
  • Scripting with Bash
  • Intro to Python
  • The Ethical Hacker Methodology
  • Information Gathering (Reconnaissance)
  • Scanning and Enumeration
  • Vuln Scanning with Nessus
  • Exploitation Basics
  • New Capstone
  • Introduction to Exploit Development (Buffer Overflows)
  • Active Directory Overview
  • Attacking AD: Initial Attack Vectors
  • Attacking Active Directory: Post-Compromise Enumeration
  • Attacking Active Directory: Post-Compromise Attacks
  • We've Compromised the Domain - Now What?
  • Additional Active Directory Attacks
  • Active Directory Case Studies
  • Post Exploitation
  • Web Application Enumeration, Revisited
  • Find & Exploit Common Web Vulnerabilities
Edit on GitHub
  1. Courses
  2. PNPT

Practical Ethical Hacking

Last updated 1 year ago

Networking Refresher

I used my own notes on these subjects, added some of Heaths notes.

Networking - TCP, UDP, 3-Way Handshake - OSI Model - Common Ports - Subnetting

Intro to Linux

Lab Setup

The previous section was setting up Kali, I've done this prior so I skipped this section.

I used the pre-made VM (using 7-Zip to extract it) using the VMWare Pro software.

Intro to Linux

I've worked with Linux prior to this, so I have my own notes on these sections as well:

Common Commands - Permissions - Sudo - Files and File contents

Scripting with Bash

Intro to Python

The Ethical Hacker Methodology

Information Gathering (Reconnaissance)

I have a section on OSINT and OSINT tools/methods here.

Scanning and Enumeration

As I have worked with these tools prior, I have other notes here as well.

Nmap - Dirb/Dirbuster - GoBuster - Metasploit

Vuln Scanning with Nessus

As I have worked with Nessus prior, my notes in general can be found here.

Exploitation Basics

New Capstone

For Dev I did need to change the VM settings to NAT and run dhclient to get an IP.

For Black Pearl I did need to change the VM settings to NAT and run dhclient to get an IP.

Introduction to Exploit Development (Buffer Overflows)

Active Directory Overview

For their lab you will need roughly:

  • 1x Win Server

  • 2x Windows Workstations

  • 60GB Disk Space

  • 16GB RAM

There is a Cloud Alternative by Kamran Bilgrami that can be found here: Building Free Active Directory Lab in Azure

I have done this in the past so my notes and setup can be found: Lab Setup

Windows Server VM - Windows User VM

Attacking AD: Initial Attack Vectors

Attacking Active Directory: Post-Compromise Enumeration

Attacking Active Directory: Post-Compromise Attacks

We've Compromised the Domain - Now What?

Additional Active Directory Attacks

Active Directory Case Studies

He goes over Blog posts about case studies about pentests.

  • You spent how much on security?

  • Digging Deep

Post Exploitation

Web Application Enumeration, Revisited

Find & Exploit Common Web Vulnerabilities

COMING SOON

πŸ““
242KB
Scripting with Bash.pdf
pdf
358KB
Intro to Python.pdf
pdf
36KB
Ethical Hacker Methodology.pdf
pdf
850KB
Information Gathering (Reconnaissance).pdf
pdf
834KB
Scanning and Enumeration.pdf
pdf
641KB
Vulnerability Scanning with Nessus.pdf
pdf
3MB
Exploitation Basics.pdf
pdf
698KB
Capstone - Blue.pdf
pdf
1MB
Capstone - Academy.pdf
pdf
1MB
Capstone - Dev.pdf
pdf
1MB
Capstone - Butler.pdf
pdf
976KB
Capstone - BlackPearl.pdf
pdf
2MB
Introduction to Exploit Development (Buffer Overflows).pdf
pdf
822KB
Active Directory(AD) Overview.pdf
pdf
7MB
Attacking AD_ Initial Attack Vectors.pdf
pdf
2MB
Attacking Active Directory_ Post-Compromise Enumeration.pdf
pdf
3MB
Attacking Active Directory_ Post-Compromise Attacks.pdf
pdf
2MB
We_ve Compromised the Domain - Now What_.pdf
pdf
661KB
Additional AD Attacks.pdf
pdf
1MB
Post Exploitation.pdf
pdf
159KB
Web Application Enumeration, Revisited.pdf
pdf