
# Pentesting Process

- [Information Gathering](https://ivalexev.gitbook.io/rednote/pentesting-process/information-gathering.md): Techniques for obtaining information about a target.
- [OSINT](https://ivalexev.gitbook.io/rednote/pentesting-process/information-gathering/osint.md): Open Source INTelligence is the activity of gathering information by consulting publicly available sources.
- [Passive](https://ivalexev.gitbook.io/rednote/pentesting-process/information-gathering/passive.md): Obtaining information about the target without directly interacting with it.
- [Active](https://ivalexev.gitbook.io/rednote/pentesting-process/information-gathering/active.md): Directly interacts with a target system to obtain information.
- [Vulnerability](https://ivalexev.gitbook.io/rednote/pentesting-process/vulnerability.md): Perform vulnerability scanning and exploit research.
- [Web Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks.md)
- [Information Disclosure](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/information-disclosure.md)
- [Crawling/Spidering & Fuzzing](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/crawling-spidering-and-fuzzing.md)
- [Command Injection](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/command-injection.md)
- [Unrestricted File Upload](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/unrestricted-file-upload.md)
- [File Inclusion/Path Traversal](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/file-inclusion-path-traversal.md)
- [Request Smuggling](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/request-smuggling.md)
- [Clickjacking](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/clickjacking.md)
- [Web Cache Poisoning](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/web-cache-poisoning.md)
- [Web Cache Deception](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/web-cache-deception.md)
- [Insecure Deserialization](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/insecure-deserialization.md): Serialization, Marshalling (Ruby) or Pickling (Python).
- [Prototype Pollution](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/prototype-pollution.md)
- [OAuth 2.0](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/oauth-2.0.md)
- [JWT](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/jwt.md): JSON web token.
- [SQLi](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/sqli.md): SQL Injection.
- [sqlmap](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/sqli/sqlmap.md): Contains the details of the topic Web Attacks/SQLi/Tools/sqlmap.
- [NoSQLi](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/nosqli.md): No SQL injection.
- [GraphQL](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/graphql.md)
- [XSS](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/xss.md): Cross Site Scripting.
- [SSRF](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/ssrf.md): Server-Side Request Forgery.
- [XXE](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/xxe.md): XML External Entity.
- [XSLT](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/xslt.md): Extensible Stylesheet Language Transformations
- [IDOR](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/idor.md): Insecure Direct Object References.
- [API](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/api.md): Application Programming Interfaces.
- [SSTI](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/ssti.md): Server-Side Template Injection.
- [CSRF](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/csrf.md): Cross-Site Request Forgery.
- [CORS](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/cors.md): Cross Origin Resource Sharing.
- [AJP](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/ajp.md): Apache JServ Protocol.
- [SSI](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/ssi.md): Server-Side Includes.
- [ESI](https://ivalexev.gitbook.io/rednote/pentesting-process/web-attacks/esi.md): Edge-Side Includes.
- [Software Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks.md)
- [Binary](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/binary.md)
- [Assembly](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/binary/assembly.md)
- [Client-Side](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/client-side.md)
- [Shellcode](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/shellcode.md)
- [Execute](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/execute.md): Code that executes shellcode in memory.
- [AV Evasion & Obfuscation](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/av-evasion-and-obfuscation.md): On-disk Evasion, In-memory Evasion.
- [Windows Bypass](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/av-evasion-and-obfuscation/windows-bypass.md): Bypass techniques on Microsoft Windows systems.
- [Windows Evasion](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/av-evasion-and-obfuscation/windows-evasion.md): Evasion techniques on Microsoft Windows systems.
- [Other (TMP)](https://ivalexev.gitbook.io/rednote/pentesting-process/software-attacks/av-evasion-and-obfuscation/other-tmp.md)
- [Network Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/network-attacks.md)
- [Wi-Fi](https://ivalexev.gitbook.io/rednote/pentesting-process/network-attacks/wi-fi.md): IEEE 802.11
- [Commands](https://ivalexev.gitbook.io/rednote/pentesting-process/network-attacks/wi-fi/commands.md)
- [ARP Poisoning](https://ivalexev.gitbook.io/rednote/pentesting-process/network-attacks/arp-poisoning.md)
- [Local DNS Cache Poisoning](https://ivalexev.gitbook.io/rednote/pentesting-process/network-attacks/local-dns-cache-poisoning.md)
- [Baby Local DoS](https://ivalexev.gitbook.io/rednote/pentesting-process/network-attacks/baby-local-dos.md): Send RST on TCP connections in local network.
- [Crypto Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks.md)
- [Utility](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/utility.md)
- [RSA](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/rsa.md): Rivest, Shamir and Adleman.
- [DSA/DSS](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/dsa-dss.md): Digital Signature Algorithm / Digital Signature Standard.
- [PRNG](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/prng.md): Pseudorandom number generator.
- [LCG](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/prng/lgc.md): Linear Congruential Generator.
- [MT](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/prng/mt.md): Mersenne Twister
- [LFSR](https://ivalexev.gitbook.io/rednote/pentesting-process/crypto-attacks/prng/lfsr.md): Linear Feedback Shift Register
- [AI Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/ai-attacks.md): Artificial Intelligence Attacks
- [Components](https://ivalexev.gitbook.io/rednote/pentesting-process/ai-attacks/components.md): AI System Component Stack
- [Reconnaissance](https://ivalexev.gitbook.io/rednote/pentesting-process/ai-attacks/reconnaissance.md)
- [Prompt Injection](https://ivalexev.gitbook.io/rednote/pentesting-process/ai-attacks/prompt-injection.md)
- [Jailbreaking](https://ivalexev.gitbook.io/rednote/pentesting-process/ai-attacks/jailbreaking.md)
- [Note](https://ivalexev.gitbook.io/rednote/pentesting-process/ai-attacks/note.md)
- [Cloud Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/cloud-attacks.md): Compromise services, data, or applications hosted in cloud environments.
- [AWS](https://ivalexev.gitbook.io/rednote/pentesting-process/cloud-attacks/aws.md): Amazon Web Services
- [Misc Attacks](https://ivalexev.gitbook.io/rednote/pentesting-process/misc-attacks.md): Various useful attack tools and techniques.
- [Dependency Chain Attack](https://ivalexev.gitbook.io/rednote/pentesting-process/misc-attacks/dependency-chain-attack.md)
- [Social Engineering](https://ivalexev.gitbook.io/rednote/pentesting-process/social-engineering.md): Exploiting the weak minds of humans.
- [cuddlephish](https://ivalexev.gitbook.io/rednote/pentesting-process/social-engineering/cuddlephish.md): Weaponized Browser-in-the-Middle (BitM). Stream a video of your browser to the user’s browser and log every input.
- [Password Cracking](https://ivalexev.gitbook.io/rednote/pentesting-process/password-cracking.md): Techniques for generating wordlists and using them to brute force passwords and crack hashes.
- [Wordlist](https://ivalexev.gitbook.io/rednote/pentesting-process/password-cracking/wordlist.md): Public Wordlists and Wordlist Generation.
- [Offline](https://ivalexev.gitbook.io/rednote/pentesting-process/password-cracking/offline.md): Brute force on hashes.
- [Online](https://ivalexev.gitbook.io/rednote/pentesting-process/password-cracking/online.md): Brute force on online services.
- [Pivoting & Tunneling](https://ivalexev.gitbook.io/rednote/pentesting-process/pivoting-and-tunneling.md): Pivoting is moving to other networks through a compromised host to find multiple targets on different network segments; tunneling is the obfuscation of our actions to avoid detection.
- [Local Enumeration](https://ivalexev.gitbook.io/rednote/pentesting-process/local-enumeration.md): Get information about the system once you have gained access.
- [Linux](https://ivalexev.gitbook.io/rednote/pentesting-process/local-enumeration/linux.md)
- [Windows](https://ivalexev.gitbook.io/rednote/pentesting-process/local-enumeration/windows.md)
- [Privilege Escalation](https://ivalexev.gitbook.io/rednote/pentesting-process/privilege-escalation.md): Escalate privileges once you have access to the host.
- [Linux](https://ivalexev.gitbook.io/rednote/pentesting-process/privilege-escalation/linux.md)
- [Linux Privilege Escalation with Groups](https://ivalexev.gitbook.io/rednote/pentesting-process/privilege-escalation/linux/linux-privilege-escalation-with-groups.md): Contains the details of the topic Privilege Escalation/Linux/Functionality/Groups.
- [Linux Privilege Escalation with Library](https://ivalexev.gitbook.io/rednote/pentesting-process/privilege-escalation/linux/linux-privilege-escalation-with-library.md): Contains the details of the topic Privilege Escalation/Linux/Functionality/Library.
- [Windows](https://ivalexev.gitbook.io/rednote/pentesting-process/privilege-escalation/windows.md)
- [Windows Privilege Escalation with Groups and Privileges](https://ivalexev.gitbook.io/rednote/pentesting-process/privilege-escalation/windows/windows-privilege-escalation-with-groups-and-privileges.md): Contains the details of the topic Privilege Escalation/Windows/Groups and Privileges.
- [Active Directory](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory.md)
- [Enumeration](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/enumeration.md)
- [Abuse ACL](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/abuse-acl.md): Abuse Access Control List (ACL), attacks on paths shown by BloodHound.
- [Extract Hash & Password](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/extract-hash-and-password.md): Attacks that allow obtaining NTLM hashes of local users or Active Directory domain users.
- [Steal NTLM](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/extract-hash-and-password/steal-ntlm.md): Triggers implicit SMB authentication and leaks a NetNTLMv2.
- [Password Spraying Attack](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/password-spraying-attack.md)
- [Pass The Hash](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/pass-the-hash.md)
- [Overpass the Hash](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/overpass-the-hash.md)
- [Pass The Ticket](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/pass-the-ticket.md)
- [Relay Attack](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/relay-attack.md)
- [AS-REP Roasting](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/as-rep-roasting.md)
- [Kerberoasting](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/kerberoasting.md)
- [Silver Ticket](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/silver-ticket.md)
- [Golden Ticket](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/golden-ticket.md)
- [DC Synchronization](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/dc-synchronization.md)
- [AD Certificates](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/ad-certificates.md)
- [Attacking Domain Trusts](https://ivalexev.gitbook.io/rednote/pentesting-process/active-directory/attacking-domain-trusts.md)
- [Lateral Movement](https://ivalexev.gitbook.io/rednote/pentesting-process/lateral-movement.md)
- [Persistence](https://ivalexev.gitbook.io/rednote/pentesting-process/persistence.md): Allows attackers to maintain unauthorized access to a system.
- [Reports](https://ivalexev.gitbook.io/rednote/pentesting-process/reports.md)
- [Bug Bounty Report](https://ivalexev.gitbook.io/rednote/pentesting-process/reports/bug-bounty-report.md): Concise document detailing a discovered vulnerability in a system, including technical specifics and evidence to claim a reward within a bug bounty program.
- [CVE](https://ivalexev.gitbook.io/rednote/pentesting-process/cve.md)
- [Linux](https://ivalexev.gitbook.io/rednote/pentesting-process/cve/linux.md)
- [Windows](https://ivalexev.gitbook.io/rednote/pentesting-process/cve/windows.md)
- [OTHER](https://ivalexev.gitbook.io/rednote/pentesting-process/other.md): Contains various information that may be useful.
- [CMS](https://ivalexev.gitbook.io/rednote/pentesting-process/other/cms.md): Content Management System.
- [WordPress](https://ivalexev.gitbook.io/rednote/pentesting-process/other/cms/wordpress.md): Open-source Content Management System (CMS)
- [Joomla](https://ivalexev.gitbook.io/rednote/pentesting-process/other/cms/joomla.md): Open-source Content Management System (CMS)
- [Drupal](https://ivalexev.gitbook.io/rednote/pentesting-process/other/cms/drupal.md): Open-source Content Management System (CMS)
- [Tomcat](https://ivalexev.gitbook.io/rednote/pentesting-process/other/tomcat.md): Web Server.
- [Jenkins](https://ivalexev.gitbook.io/rednote/pentesting-process/other/jenkins.md): CI/CD (Continuous Integration / Continuous Delivery/Deployment) platform.
- [Splunk](https://ivalexev.gitbook.io/rednote/pentesting-process/other/splunk.md): Log Analytics.
- [Web Service](https://ivalexev.gitbook.io/rednote/pentesting-process/other/web-service.md): A web service is a server-side program that provides functionality that can be invoked and used at the programming level (interoperable architecture).
- [Navigating Python Objects](https://ivalexev.gitbook.io/rednote/pentesting-process/other/navigating-python-objects.md): Navigate Python objects and some tricks to bypass Python sandbox protections, pyjails.
- [JavaScript Deobfuscation](https://ivalexev.gitbook.io/rednote/pentesting-process/other/javascript-deobfuscation.md): Techniques for obfuscation and deobfuscation of JavaScript code.
- [Windows Concepts](https://ivalexev.gitbook.io/rednote/pentesting-process/other/windows-concepts.md): Concepts related to code execution on Windows.
- [Utility](https://ivalexev.gitbook.io/rednote/pentesting-process/other/utility.md)


