EthicalHacking15Hours-2023Ed - Coggle Diagram
Web Application
Methodology focuses heavily on OWASP testing guidelines
(at least top 10 checklists)
Open Web Application Security Project + mobile
Report Writing
- Typically delivered within a week after the engagement ends
- should highlight both non-technical (executive summary) and technical findings
- recommendations for remediation should be clear to both executives and technical staff
Debriefs
- walk through your report findings (presentation)
- question and answer
- requires communication skills
Importance
- Help report writing (notebook for an assessment)
- Note keeping
- Proof of evidence for possible Q/A
Ex Note keeping
- Active Directory
- PTX (course taken by modules)
Shows a capture, command, cheat sheet
Ex Client's Assessment
- External
- Internal
- Web App
- Hashes
Make sure to include a screenshot containing the IP address and date of the assessment. Could include step-by-step (up to you).
Highlight the vulnerabilities or findings, etc.
Tools
https://getgreenshot.org/
- for making screenshots you can get on your Windows PC.
- can capture complete (scrolling) web pages from
Techniques should use
- structured formats
- detailed notes
- screenshots
to ensure relevant info is easily accessible
Base
Scripting skills (Python, Bash, etc.)
Networking (OSI Model, Protocols, etc.)
Tool familiarity (Burp Suite, Nessus, etc.)
Preferred
Coding Skills (Python, Bash, etc.)