| description |
|---|
Just another pentesting checklists |
This page contains checklists, resources, and write-ups for HTB machines. Actually, I created this page during my OSCP preparation. But for now, I am just putting all my notes here.
What the difference with the other? You may wonder what sets apart these GitBook notes from others, such as HackTricks. Well, HackTricks is a good source—I often refer to their page when conducting pentesting. They provide comprehensive guides and checklists for every service.
The difference lies in the simplicity I aim to maintain here. While a full and complete guide is beneficial, sometimes it can be overwhelming with an excess of information. In this space, I create notes based on my experiences. I stick to one tool or resource if it can effectively perform the necessary tasks. For example, if FFuF can handle vhost bruteforce, directory scanning, etc, why should I use dirsearch, wfuzz, etc? I'm not saying that tools like dirsearch or wfuzz are bad, but I don't see the point in installing many tools with the same function.
I am using Kali Linux for all the commands I'm sharing here. I believe that all Debian derivatives will have similar commands for the installation process (using 'apt'). However, if you're using a different distribution that is not a Debian derivative, please search for it yourself. You can take my notes as a reference.
{% hint style="danger" %} I have taken notes based on my understanding and practical use of commands/tools. It is possible that I may have made mistakes or misunderstood certain aspects. {% endhint %}