🗺️ Mind Maps

Visual attack flows and concept relationships for better understanding.

CPTS Kill Chain

Complete penetration testing methodology flow
Global

Nmap Scanning Workflow

Systematic approach to Nmap scanning
Network Enumeration with Nmap

Service Enumeration Flow

How to approach service enumeration
Footprinting

Shell Types

Different types of shells and when to use them
Shells & Payloads

Pivoting Techniques

Methods for network pivoting
Pivoting, Tunneling & Port Forwarding

AD Enumeration Path

Active Directory enumeration workflow
Active Directory Enumeration

AD Attack Paths

Common Active Directory attack techniques
Active Directory Attacks

SQL Injection Types

Different SQL injection techniques
SQL Injection Fundamentals

Web Recon Workflow

Web application reconnaissance methodology
Web Information Gathering

Linux PrivEsc Checklist

Linux privilege escalation methodology
Linux Privilege Escalation

Windows PrivEsc Checklist

Windows privilege escalation methodology
Windows Privilege Escalation

LFI to RCE

Escalating LFI to remote code execution
File Inclusion

Password Attack Flow

Password cracking methodology
Password Attacks

Common Services Attack Map

Attack vectors for common services
Attacking Common Services

File Transfer Methods

Ways to transfer files to targets
File Transfers

Web Attack Checklist

Common web vulnerabilities to test
Global

Reporting Structure

Penetration test report sections
Global

Metasploit Workflow

Using Metasploit Framework
Metasploit Framework

Burp Suite Workflow

Web testing with Burp Suite
Using Web Proxies

Nessus Scanning

Vulnerability scanning with Nessus
Vulnerability Scanning with Nessus

CPTS Full Attack Path

Complete CPTS exam attack methodology - External to Domain Admin
Global

LLMNR/NBT-NS Attack Flow

Poisoning and relay attack methodology
LLMNR/NBT-NS Poisoning

ACL Abuse Paths

Active Directory ACL attack vectors
ACL Abuse

Delegation Attack Paths

Kerberos delegation abuse
Constrained & Unconstrained Delegation

AD CS Attack Paths

Certificate Services exploitation
AD CS Attacks

Documentation Flow

Proper pentest documentation methodology
Documentation & Reporting

Domain Trust Attacks

Attacking trust relationships
Domain Trust Attacks

Pentest Process Lifecycle

Standard penetration testing phases
Penetration Testing Process

Vulnerability Assessment Flow

Process for identifying and validating vulnerabilities
Vulnerability Assessment

Fuzzing Workflow with Ffuf

Web fuzzing methodology
Attacking Web Apps with Ffuf

Login Brute Force Strategy

Attacking authentication mechanisms
Login Brute Forcing

SQLMap Automation

Automated SQL injection workflow
SQLMap Essentials

XSS Attack Methodology

Finding and exploiting Cross-Site Scripting
Cross-Site Scripting (XSS)

File Upload Exploitation

Bypassing file upload restrictions
File Upload Attacks

Command Injection Flow

Injecting OS commands
Command Injections

Web Attacks Overview

Common web vulnerabilities
Web Attacks

CMS Attack Workflow

Attacking Content Management Systems
Attacking Common Applications

Getting Started Checklist

Initial setup for penetration testing
Getting Started

OpenVAS Workflow

Using Greenbone Vulnerability Manager
Vulnerability Scanning with OpenVAS

Enterprise Attack Simulation

Full scope enterprise penetration test
Attacking Enterprise Networks

Ticket & Certificate Attacks

Lateral movement with Kerberos and Certificates
Pass the Ticket & Pass the Certificate