# General

## Structure

This gitbook is structured in order to fit well to a pentesting workflow. If you have ideas on how to improve it further, let me know!

### General

This part contains general information about scripting, interacting with CLIs and the Metasploit Framework. Furthermore, the Resources page will contain useful links as they are collected.

### Recon

Contains passive and active information gathering methods, ranging from open-source intelligence to port scanning and manual service enumeration

### Vulnerability Analysis

This section focuses mainly on finding vulnerabilities and ways to exploit them. The most common services and ways to enumerate them are listed.

### Gaining Access

Consists of a few different resources useful for exploitation: different kinds of reverse shells, Web Application Attack Techniques and (hopefully soon) some common vulnerability exploits

### Post Exploitation

Once access to a system has been achieved, this part becomes useful. Possibilities to escape restricted shells, PrivEsc methods and interesting file locations are listed here, among other things.

### Reporting

Most penetration tests involve writing reports after the assignment. I will collect some useful information and tools and put them here as I find them.

### Methodology

This last part will contain a full write-up of a vulnerable machine in the future, with use cases for this repository. There's also a list of cool soft- and hardware that you might like!