describes the processes, tools, and strategies that organizations use to address compliance with industry regulations, enterprise risk management, and internal governance.
Governance, Risk and Compliance (GRC)
process of assessing a target to collect preliminary knowledge about its systems, software, network, and people without actively engaging the target or its assets (nothing is sent to the target's own infrastructure; only public sources are consulted).
passive information gathering
if an attacker knows which websites an organization's staff frequently visit, the attacker can compromise those sites and plant malware on their pages, so that the target infects itself simply by browsing as usual.
Waterholing
is the bottom line up front (BLUF) summary of the report, written so that a non-technical reader can grasp the key risks and the overall result without reading the technical findings.
Executive Summary
tell a program to perform a set of actions repeatedly; generally used to iterate over a list of items.
Loops
it applies to data that was created or used in a health care context. This may apply to medical diagnoses, provider visit details, or other attributes that define an individual’s health or health care.
Protected Health Information (PHI)
registration information tied to a domain name: the registrar, creation and expiry dates, name servers, and (unless redacted by a privacy service) registrant contact details.
WHOIS
is probably the oldest method of attack. Generally, you pick a user account and try every possible combination of letters, digits, and symbols until one works: try a, then b, and so on through z, then aa, ab, ac, and so on. Online brute forcing is slow and noisy and usually trips account-lockout thresholds, which is one reason attackers turn to password spraying instead.
Brute Forcing
the set of networks, systems, and applications agreed to be tested during the engagement, identified by IP addresses, hostnames, application names, application programming interfaces (APIs), etc. Anything outside it is off-limits to the tester.
scope
the ones that most languages implement are AND, OR, and NOT.
Boolean Operators
is a confidentiality agreement that protects a business’s competitive advantage by protecting its proprietary information and intellectual property.
nondisclosure agreement (NDA)
Uses range from identifying login portals based on your company’s domain to searching for web cameras or other devices that are exposed to the Internet.
targeting many users with a single well-known password, like Winter2021. The theory is that out of 1,000 users, at least one of them is probably using it. Because each account sees only one or two attempts, the attack stays below the lockout thresholds that would stop a brute-force attempt against a single account.
Password Spraying
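The two attack patterns described in the brute forcing and password spraying cards leave opposite footprints in authentication logs: many failures against one account from one source, versus one or two failures against many accounts from one source. The block below is an added example (not part of the original flashcards) that tells them apart and then lists any account the attacker actually got into. The log format and every log line are constructed for the demonstration, and the thresholds are assumptions to be tuned against a real baseline; the code is plain Python using the loop, function and class constructs defined elsewhere on this page.

```python
"""Telling brute forcing apart from password spraying in auth logs.

Added example, not part of the original page. The log format and the
sample lines are constructed for the demonstration.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed format (assumption): "<timestamp> <OK|FAIL> user=<name> src=<ip>"
LINE_RE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")

SAMPLE_LOG = "\n".join(
    # One source hammering one account: brute force.
    [f"2024-03-01T09:00:{i:02d} FAIL user=alice src=203.0.113.5" for i in range(8)]
    # One source trying one password against many accounts: a spray, with one hit.
    + [f"2024-03-01T09:05:{i:02d} FAIL user={u} src=198.51.100.7"
       for i, u in enumerate(["carol", "dave", "erin", "grace", "heidi"])]
    + ["2024-03-01T09:05:05 OK user=frank src=198.51.100.7"]
    # A forgetful user who gets it right on the third try: benign.
    + ["2024-03-01T09:10:00 FAIL user=bob src=192.0.2.10",
       "2024-03-01T09:10:07 FAIL user=bob src=192.0.2.10",
       "2024-03-01T09:10:15 OK user=bob src=192.0.2.10"]
)


@dataclass(frozen=True)
class AuthEvent:
    ts: str
    success: bool
    user: str
    src: str


def parse_log(text: str) -> list[AuthEvent]:
    """Loop over the raw lines and keep the ones that match the format."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # unrelated or malformed line
        ts, result, user, src = m.groups()
        events.append(AuthEvent(ts, result == "OK", user, src))
    return events


class SourceStats:
    """Failure and success counts for one source address."""

    def __init__(self) -> None:
        self.failures_by_user: dict[str, int] = defaultdict(int)
        self.successes = 0

    def add(self, ev: AuthEvent) -> None:
        if ev.success:
            self.successes += 1
        else:
            self.failures_by_user[ev.user] += 1

    @property
    def failures(self) -> int:
        return sum(self.failures_by_user.values())

    @property
    def max_per_user(self) -> int:
        return max(self.failures_by_user.values(), default=0)


def classify_sources(events, fail_threshold=5, spray_users=5, spray_max_per_user=2):
    """Label each source: brute_force, password_spray, suspicious or benign.

    Thresholds are assumptions for the demo; tune them to your own baseline.
    """
    stats: dict[str, SourceStats] = defaultdict(SourceStats)
    for ev in events:
        stats[ev.src].add(ev)

    verdicts = {}
    for src, s in stats.items():
        many_users = len(s.failures_by_user) >= spray_users
        few_attempts_each = s.max_per_user <= spray_max_per_user
        if s.failures < fail_threshold:
            verdicts[src] = "benign"
        elif many_users and few_attempts_each:
            verdicts[src] = "password_spray"
        elif len(s.failures_by_user) <= 2 and not few_attempts_each:
            verdicts[src] = "brute_force"
        else:
            verdicts[src] = "suspicious"
    return verdicts


def compromised_accounts(events, verdicts) -> set[str]:
    """Accounts that logged in successfully from a source flagged as attacking."""
    attacking = {"brute_force", "password_spray"}
    return {ev.user for ev in events
            if ev.success and verdicts.get(ev.src) in attacking}


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    verdicts = classify_sources(evs)
    print(verdicts)
    print("compromised:", compromised_accounts(evs, verdicts))
```

A spray is easy to miss if you alert only on per-account failure counts, since every account stays under the lockout threshold; grouping by source address (or by password-attempt timing across accounts) is what exposes it, and a success from a flagged source should be treated as a compromised account, not a benign login.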
a weakness, misconfiguration, or exposure identified during the test that could be advantageous to a malicious threat actor attacking the customer's network.
finding
are used when you have a repetitive task that needs to take input or return usable output; the task is written once, given a name, and called wherever it is needed.
Functions
Blind, Double-Blind, Gray Box, Double Gray Box, Tandem, and Reversal
Open Source Security Testing Methodology Manual (OSSTMM) six testing types
search engine also scans the entire Internet, parsing banners for services and categorizing the data returned by each device. The main page provides a search box that can be used to examine content to find keywords or phrases.
tactical process for surveying an area for wireless access points from a moving vehicle. The goal is preliminary reconnaissance: pinpointing wireless networks and potential targets in a given area of interest.
Wardriving
establishes what a person is allowed to access based on their job role rather than their individual identity. Enforced server-side on every privileged operation, this can mitigate vertical privilege escalation (a low-privilege user reaching administrative functions).
Role-based access control (RBAC)
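As an added example for the RBAC card (not code from the original page), the block below maps roles to permissions and guards every privileged function with the same check, so a low-privilege user cannot reach the role-changing function that would let them escalate vertically. The roles, permissions, and users are constructed for the demonstration.

```python
"""Role-based access control enforced at every privileged entry point.

Added example for the RBAC flashcard; not part of the original page. The
roles, permissions and users below are constructed for the demonstration.
"""
from dataclasses import dataclass
from functools import wraps
from typing import Any, Callable

# Assumed role -> permission mapping. Code checks permissions, not role names,
# so adding a role never requires touching the guarded functions.
ROLE_PERMISSIONS: dict[str, frozenset[str]] = {
    "viewer": frozenset({"report:read"}),
    "analyst": frozenset({"report:read", "report:write"}),
    "admin": frozenset({"report:read", "report:write", "user:manage"}),
}


@dataclass(frozen=True)
class Principal:
    """The authenticated caller. The role must come from the server-side
    session, never from a client-supplied field, or the check is bypassed."""
    name: str
    role: str


class PermissionDenied(Exception):
    pass


def has_permission(principal: Principal, permission: str) -> bool:
    # Unknown roles resolve to an empty permission set: fail closed.
    return permission in ROLE_PERMISSIONS.get(principal.role, frozenset())


def requires(permission: str):
    """Decorator: refuse the call unless the principal's role grants permission."""
    def decorator(fn: Callable) -> Callable:
        @wraps(fn)
        def wrapper(principal: Principal, *args, **kwargs):
            if not has_permission(principal, permission):
                raise PermissionDenied(
                    f"{principal.name} ({principal.role}) lacks {permission}")
            return fn(principal, *args, **kwargs)
        return wrapper
    return decorator


@requires("report:read")
def read_report(principal: Principal, report_id: int) -> str:
    return f"report {report_id} delivered to {principal.name}"


@requires("user:manage")
def set_role(principal: Principal, target: Principal, new_role: str) -> Principal:
    """The vertical-escalation path: only user:manage holders may change roles."""
    if new_role not in ROLE_PERMISSIONS:
        raise ValueError(f"unknown role {new_role!r}")
    return Principal(target.name, new_role)


def attempt(fn: Callable, *args: Any) -> tuple[bool, Any]:
    """Run a guarded call and report (allowed, result) instead of raising."""
    try:
        return True, fn(*args)
    except PermissionDenied:
        return False, None


if __name__ == "__main__":
    mallory = Principal("mallory", "viewer")
    alice = Principal("alice", "admin")
    print(attempt(read_report, mallory, 7))
    print(attempt(set_role, mallory, mallory, "admin"))   # self-promotion blocked
    print(attempt(set_role, alice, mallory, "analyst"))
```

The point to check in a real application is that the guard is applied to every privileged entry point, not just the ones on the user-facing menu: vertical privilege escalation findings are usually an endpoint that was never decorated, or one that reads the role from a hidden form field or cookie the client controls.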
are a programming tool that is used to keep data, functions, and procedures related to that data together.
Classes
is not a holistic pentest methodology, but rather a knowledge base of attacker actions created from a survey of publicly reported attacker activities.
MITRE ATT&CK
is a command-line tool that uses various network protocols and advanced features to survey hosts for open TCP and UDP ports, fingerprint operating systems, extract service banners, and much more.
Nmap
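The open ports, service banners, and OS guesses the Nmap card mentions are usually consumed from Nmap's greppable output (`-oG`), where each host is one tab-separated line and each port entry is `port/state/protocol/owner/service/rpcinfo/version/`. The block below is an added example (not part of the original page or of Nmap itself) that parses that format into host and port records and pulls out the open services. The scan output it reads is constructed for the demonstration; the parser assumes the field order above and no slashes inside version strings.

```python
"""Parse Nmap greppable (-oG) output into host/port records.

Added example, not part of the original page or the Nmap project. The
scan output below is constructed; field order per port entry is
port/state/protocol/owner/service/rpcinfo/version/.
"""
import re
from dataclasses import dataclass, field

# Constructed sample of what `nmap -sS -sU -sV -O -oG - <targets>` might emit.
SAMPLE_GNMAP = "\n".join([
    "# Nmap 7.94 scan initiated (constructed sample)",
    "Host: 192.168.56.10 (web01.lab)\tStatus: Up",
    "Host: 192.168.56.10 (web01.lab)\tPorts: "
    "22/open/tcp//ssh//OpenSSH 8.9p1/, "
    "80/open/tcp//http//nginx 1.18.0/, "
    "3306/filtered/tcp//mysql///\tOS: Linux 5.X\tIgnored State: closed (997)",
    "Host: 192.168.56.20 ()\tPorts: "
    "53/open/udp//domain//ISC BIND 9.18/, "
    "161/open|filtered/udp//snmp///\tIgnored State: closed (998)",
    "# Nmap done (constructed sample)",
])

HOST_RE = re.compile(r"Host: (\S+) \(([^)]*)\)")


@dataclass(frozen=True)
class Port:
    number: int
    state: str       # open, closed, filtered, open|filtered, ...
    protocol: str    # tcp or udp
    service: str
    version: str


@dataclass
class Host:
    address: str
    hostname: str
    ports: list = field(default_factory=list)
    os: str = ""


def parse_grepable(text: str) -> list[Host]:
    """Merge the per-host Status/Ports lines into one Host record each."""
    hosts: dict[str, Host] = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # comment or blank line
        fields = line.split("\t")
        m = HOST_RE.match(fields[0])
        if m is None:
            continue
        addr, name = m.group(1), m.group(2)
        host = hosts.setdefault(addr, Host(addr, name))
        for fld in fields[1:]:
            key, _, value = fld.partition(": ")
            if key == "Ports":
                for entry in value.split(", "):
                    p = entry.split("/")
                    # p[0]=port p[1]=state p[2]=proto p[3]=owner p[4]=service
                    # p[5]=rpcinfo p[6]=version
                    host.ports.append(Port(int(p[0]), p[1], p[2], p[4], p[6]))
            elif key == "OS":
                host.os = value
            # "Status" and "Ignored State" carry nothing we need here.
    return list(hosts.values())


def open_services(hosts: list[Host]) -> list[tuple[str, str, int, str, str]]:
    """Only ports Nmap positively confirmed open; open|filtered is excluded."""
    return [(h.address, p.protocol, p.number, p.service, p.version)
            for h in hosts for p in h.ports if p.state == "open"]


if __name__ == "__main__":
    for h in parse_grepable(SAMPLE_GNMAP):
        print(h.address, h.hostname or "-", h.os or "-", len(h.ports), "ports")
    for row in open_services(parse_grepable(SAMPLE_GNMAP)):
        print(row)
```

Note the UDP caveat the output makes visible: `open|filtered` means Nmap got no answer and cannot tell an open UDP port from a filtered one, so those ports need a follow-up probe (for example `-sV` against that port alone) before they go into a findings table as "open".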
a client-side attack that tricks an authenticated user's browser into sending a request the user did not intend to a trusted website. It works because the browser automatically attaches the site's session cookies to the forged request, so the server cannot tell it from a legitimate one unless it demands extra proof, such as an anti-CSRF token tied to the session.
Cross-site request forgery (CSRF)
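To show why the session cookie alone is not proof of intent, the block below is an added example (not part of the original page) that simulates a bank transfer endpoint twice: once trusting only the cookie, and once also requiring a per-session anti-CSRF token and checking the `Origin` header. The `Bank` class, the `https://bank.example` and `https://evil.example` origins, and the request objects are constructed for the demonstration; no real HTTP is involved.

```python
"""CSRF: a vulnerable state-changing handler beside its hardened form.

Added example, not part of the original page. The Bank class, origins and
request objects are constructed to simulate what a browser would send.
"""
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Request:
    """What the server sees. Cookies are attached by the browser automatically,
    which is exactly what CSRF abuses; form fields come from whoever built the page."""
    method: str
    cookies: dict
    form: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


class Bank:
    SITE_ORIGIN = "https://bank.example"   # assumed origin for the demo

    def __init__(self) -> None:
        self.balances = {"victim": 500, "attacker": 0}
        self.sessions: dict[str, dict] = {}

    def login(self, user: str) -> str:
        sid = secrets.token_urlsafe(32)
        # One unguessable token per session; it is embedded in the site's own
        # forms, so a page on another origin cannot read or reproduce it.
        self.sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def csrf_token(self, sid: str) -> str:
        return self.sessions[sid]["csrf"]

    def _move(self, sess: dict, req: Request) -> int:
        amount = int(req.form.get("amount", "0"))
        to = req.form.get("to", "")
        if amount <= 0 or to not in self.balances or self.balances[sess["user"]] < amount:
            return 400
        self.balances[sess["user"]] -= amount
        self.balances[to] += amount
        return 200

    def transfer_vulnerable(self, req: Request) -> int:
        """Trusts the cookie alone: any site the victim visits can trigger this."""
        sess = self.sessions.get(req.cookies.get("sid", ""))
        if sess is None:
            return 401
        return self._move(sess, req)

    def transfer_hardened(self, req: Request) -> int:
        """Requires POST, a same-origin Origin header if present, and the token."""
        sess = self.sessions.get(req.cookies.get("sid", ""))
        if sess is None:
            return 401
        if req.method != "POST":
            return 405
        origin = req.headers.get("Origin")
        if origin is not None and origin != self.SITE_ORIGIN:
            return 403
        # Constant-time compare so token checking does not leak timing.
        if not hmac.compare_digest(req.form.get("csrf", ""), sess["csrf"]):
            return 403
        return self._move(sess, req)


def forged_request(sid: str) -> Request:
    """What evil.example's auto-submitting form makes the victim's browser send."""
    return Request("POST", {"sid": sid},
                   {"to": "attacker", "amount": "100"},
                   {"Origin": "https://evil.example"})


def run_scenario() -> dict[str, tuple[int, int]]:
    """Return (status, victim balance) for each handler and request type."""
    results = {}
    bank, sid = Bank(), None
    sid = bank.login("victim")
    results["vulnerable_forged"] = (bank.transfer_vulnerable(forged_request(sid)),
                                    bank.balances["victim"])
    bank = Bank()
    sid = bank.login("victim")
    results["hardened_forged"] = (bank.transfer_hardened(forged_request(sid)),
                                  bank.balances["victim"])
    legit = Request("POST", {"sid": sid},
                    {"to": "attacker", "amount": "100", "csrf": bank.csrf_token(sid)},
                    {"Origin": Bank.SITE_ORIGIN})
    results["hardened_legit"] = (bank.transfer_hardened(legit), bank.balances["victim"])
    return results


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name}: status={outcome[0]} victim_balance={outcome[1]}")
```

The token is the primary control; the `Origin` check is defence in depth, and marking the session cookie `SameSite=Lax` or `Strict` adds a third layer by having the browser withhold the cookie on cross-site POSTs in the first place. Also worth checking during a test: state-changing actions reachable by GET, since an `<img src=...>` on any page is enough to trigger those.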
is a written statement provided by an independent third party (e.g., a pentesting consultancy) that vouches for the organization's security posture to other external parties, often as part of an audit process.
attestation
is a very popular scripting language because of its perceived ease of use and its great tutorial documentation, which makes it very friendly for beginners.
Python