Pentest notes

Miscellaneous useful notes for pentesting & ethical hacking

Chapters

1. Nmap scans
2. Breakouts
3. Common
4. Post-exploit checklist (Linux)
5. Privilege escalation (Linux)
6. Privilege escalation (Windows)
7. Reverse shells
8. Transfers
9. Powershell commands

Installation

Clone the repo into a directory somewhere convenient, and then add the below aliases to your .bash_aliases file for quick access.

# Clone the repo
mkdir -p $HOME/Documents/pentest_notes
cd $HOME/Documents/pentest_notes
git clone https://github.com/fieldse/pentest-notes.git .

Aliases -- copy these to your .bash_aliases or .zshrc

# .bash_aliases
alias breakouts="less $HOME/Documents/pentest_notes/breakouts.txt"
alias common="less $HOME/Documents/pentest_notes/common.txt"
alias linux-post="less $HOME/Documents/pentest_notes/linux-post.txt"
alias linux-privesc="less $HOME/Documents/pentest_notes/linux-privesc.txt"
alias windows-privesc="less $HOME/Documents/pentest_notes/windows-privesc.txt"
alias revshells="less $HOME/Documents/pentest_notes/revshells.md"
alias transfers="less $HOME/Documents/pentest_notes/transfers.txt"
alias windows-powershell="less $HOME/Documents/pentest_notes/windows-powershell.md"

Credits

Most of this stuff is from the incredible Sirensecurity

You should check out her YouTube stuff as well:

• S1rensecurity
• OffSec OSCP Walkthroughs

Resources

General resource lists

• HackTricks.xyz -- the encyclopedia of pentesting: https://book.hacktricks.xyz/
• Red Teaming resources (list): https://github.com/an4kein/awesome-red-teaming
• OSCP preparation: (great, concise). https://github.com/karri0n/OSCP-Preperation-2023

Privesc -- Linux

• Linux privesc CHECKLIST (Hacktricks): https://book.hacktricks.xyz/linux-hardening/linux-privilege-escalation-checklist
• Linux privesc (Hacktricks): https://book.hacktricks.xyz/linux-hardening/privilege-escalation
• Linux Privesc (s1ren): https://sirensecurity.io/blog/linux-privilege-escalation-resources/

Privesc -- Windows

• Windows privesc CHECKLIST (Hacktricks): https://book.hacktricks.xyz/windows-hardening/checklist-windows-privilege-escalation
• Windows Privesc (s1ren): https://sirensecurity.io/blog/windows-privilege-escalation-resources/

Breakouts

• Shell breakouts (s1ren): https://sirensecurity.io/blog/break-out-get-that-tty/

Pivoting

• Ligolo-ng: https://www.youtube.com/watch?v=DM1B8S80EvQ
• T3l3machus's guide to pivoting: https://github.com/t3l3machus/pentest-pivoting

Transfers

• Pentest_duck: https://medium.com/@PenTest_duck/almost-all-the-ways-to-file-transfer-1bd6bf710d65

Project

• https://github.com/fieldse/pentest-notes

Maintainer

• [email protected]