You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/generic-methodologies-and-resources/pentesting-methodology.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,11 +9,11 @@
9
9
10
10
_Hacktricks logos designed by_[_@ppiernacho_](https://www.instagram.com/ppieranacho/)_._
11
11
12
-
### 0- Physical Attacks
12
+
### **0- Physical Attacks**
13
13
14
14
Do you have **physical access** to the machine that you want to attack? You should read some [**tricks about physical attacks**](../hardware-physical-access/physical-attacks.md) and others about [**escaping from GUI applications**](../hardware-physical-access/escaping-from-gui-applications.md).
15
15
16
-
### 1 - [Discovering hosts inside the network](pentesting-network/index.html#discovering-hosts)/ [Discovering Assets of the company](external-recon-methodology/index.html)
16
+
### **1-**[**Discovering hosts inside the network**](pentesting-network/index.html#discovering-hosts)/ [Discovering Assets of the company](external-recon-methodology/index.html)
17
17
18
18
**Depending** if the **test** you are perform is an **internal or external test** you may be interested on finding **hosts inside the company network** (internal test) or **finding assets of the company on the internet** (external test).
19
19
@@ -25,7 +25,7 @@ Do you have **physical access** to the machine that you want to attack? You shou
25
25
**This section only applies if you are performing an internal test.**\
26
26
Before attacking a host maybe you prefer to **steal some credentials****from the network** or **sniff** some **data** to learn **passively/actively(MitM)** what can you find inside the network. You can read [**Pentesting Network**](pentesting-network/index.html#sniffing).
27
27
28
-
### 3- [Port Scan - Service discovery](pentesting-network/index.html#scanning-hosts)
28
+
### **3-**[**Port Scan - Service discovery**](pentesting-network/index.html#scanning-hosts)
29
29
30
30
The first thing to do when **looking for vulnerabilities in a host** is to know which **services are running** in which ports. Let's see the[**basic tools to scan ports of hosts**](pentesting-network/index.html#scanning-hosts).
31
31
@@ -70,7 +70,7 @@ If you have troubles with the shell, you can find here a small **compilation of
You will probably need to **extract some data from the victim** or even **introduce something** (like privilege escalation scripts). **Here you have a**[**post about common tools that you can use with these purposes**](../generic-hacking/exfiltration.md)**.**
0 commit comments