This project comprises of markdown notes in hierarchical structure for peneteration testers.
Save Pentest Handbook.html and open it in your browser to peruse, or open the Obsidian/ directory in your Markdown editor. Start in Obsidian/index.md, and then navigate the links based on what you encounter in your CTF/penetration test. Check Obsidian/09 Command Summary.md for quick wins.
Using the disclosed methods against unauthorised/unwilling users is both immoral and illegal. As a white hat hacker/penetration tester, your job is to discover vulnerabilities in programs, systems and networks After getting documented permission.
Thus, you can only use the discosed methods only and only when you are given explicit permission by the company that hires you or when you are launching attacks against your own servers or networks.
This work is licensed under MIT License: you are free to distribute, change, and include any of this content in your projects. I only expect adequate citation of this work. The attribution should include the title of the repository and the author, myself.
Three main sources served as a foundation for this set of notes: my summary notes/cheatsheet from EECE 503G, notes I took during the EECE 503J lectures, and the report for the EECE 503J CTF project (a collaborative effort between myself and the gentlemen in the acknowledgements section). I consulted ChatGPT to combine those together. I later revised the output to the best of my ability. Suggestions are open.
The notes cover what I have seen across the courses EECE 503G and EECE 503J (Ethical Hacking I and II) in the faculty of engineering at the American University of Beirut. And so my gratitude goes to the professor Dr. Hussein Bakri (instructor) and my classmates that have contributed suggestions, rewrites, and teamwork during the CTF project (an important source for these notes). These individuals are listed below.
- Dr. Hussein Bakri - HusseinBakri
- Ali Mohammad Naji
- Mohammad Kassem
- Jad Eido