Personal checklist to track steps to take, tools to use, and things to remember for penetration tests, red/purple team tests, or other offensive security engagements. It is a checklist, not a comprehensive methodology per se.
The intent is not to track things as appropriate for stealth but rather to have checklists of things to do whilst testing. Then I can make judgment calls, based on the tool or technique, about whether or not it's appropriate for the engagement. If I can remember times when a security tool has caught the tool/technique, then I'll try to note it.
This will be a constant WIP that I'll add to as I think of things (and have time...). Just 'cause it's checked off in "To Do" doesn't mean it's completed FOREVER, just that it's in a spot where I could start making good use of it.
Organized into a folder of markdown files. They will link to each other where appropriate.
- OSINT & Recon
- WAPT
- Wireless
- Mobile
- Password Cracking
- LAN Attacks & Network Scanning
- Exploitation
- Local PrivEsc
- Post-Exploitation
- Lateral Movement & Network PrivEsc
- Persistence & Data Exfiltration