CPTS Full Attack Path
Complete CPTS exam attack methodology - External to Domain Admin
Tip: Click on any node to see related information!
Interactive Mind Map
graph TD
A[External Recon] --> B[Subdomain/OSINT]
B --> C[Web App Vuln]
C --> D[Initial Foothold]
D --> E[Shell Upgrade]
E --> F[Local PrivEsc]
F --> G[Pivot to Internal]
G --> H[AD Enumeration]
H --> I[LLMNR Poisoning]
H --> J[Kerberoasting]
H --> K[AS-REP Roast]
I --> L[Crack Hashes]
J --> L
K --> L
L --> M[Lateral Movement]
M --> N[ACL Abuse]
M --> O[Delegation Abuse]
N --> P[Domain Admin]
O --> P
P --> Q[DCSync]
Q --> R[Full Compromise]
R --> S[Documentation & Report]
Related Modules
Penetration Testing Process
Understanding the phases of penetration testing: Planning, Information Gathering...
FundamentalsNetwork Enumeration with Nmap
Master Nmap for host discovery, port scanning, service detection, and NSE script...
EnumerationFootprinting
Gather information about target infrastructure including DNS, SMTP, FTP, SMB, NF...
EnumerationWeb Information Gathering
Techniques for web application reconnaissance including subdomain enumeration, d...
WebVulnerability Assessment
Identify and prioritize vulnerabilities using automated scanners and manual test...
FundamentalsFile Transfers
Methods to transfer files between attacker and target systems....
FundamentalsQuick Reference
Click on a node in the mind map to see quick reference information.