-
Try Hack Me – Pentesting Fundamentals Room Walk through
The room can be found here. Penetration Testing Ethics: “You are given permission to perform a security audit on an organisation; what type of hacker would you be?” Answer: white hat 2.“You attack an organisation and steal their data, what type of hacker would you be?” Answer: Black Hat 3.“What document defines how a penetration testing engagement should be carried out?” Answer: Rules of Engagement Penetration Testing Methodologies: The stages are Information Gathering (OSINT), Enumeration/Scanning. Exploitation, Privilege Escalation, Post-exploitation (sub-stages: pivoting, gather additional information as a privileged user, cover your tracks, reporting) OSSTMM – Open Source Security Testing Methodology Manual OWASP – Open Web Application Security Project NIST Cybersecurity Framework 1.1 – National…