Exploits to Expertise.

NordbySec / Archive / Category: CPTS Pathway

  • It’s been a while since I detailed some progress on the CPTS, so here’s where we’re at: I’ve just finished the module titled: ‘Pivoting, Tunneling, Port Forwarding’. It was challenging to learn and internalize a lot of the techniques that were taught so this post is basically my notes from experimenting with pivoting and a short tutorial on how to establish a pivot and double pivot with Ligolo-NG. Note: the skills assessment for the HTB module is what I used…


  • It’s been a few weeks since I’ve posted, but I’m happy to report that I’ve kept working on the CPTS modules and am a few ahead of this post at time of writing, so I’ll be backfilling for a while here with a ton of content that I’ve learned. There was a section after section 3, information gathering, titled ‘Vulnerability Assessment’. I’ve decided not to dedicate an entire post to the concept as it’s relatively simple and not as applicable…


  • Jumping right into it this week: This module really wasn’t too difficult, although I did run into some trouble with the skills assessment. To quickly summarize, this module covered some surface level web hacking techniques, namely enumeration and digging through hidden directories to establish a viable target list. Below is a rough outline and what I learned from each section: Skills assessment | lessons learned The skills assessment here should have been simple, but just as the previous ones I…


  • I clearly misspoke a few posts ago, as two days of study time is not 24 hours of study time, but rather 48 hours of study time, as is evidenced by the time it took me to complete this module. This was an extremely comprehensive section regarding manually footprinting common services and the labs were particularly challenging. I don’t want to get DMCA’d by HTB, so I won’t list any specifics or walkthroughs from the module but rather some things…


  • Diving right into it, I finished the ‘Network Enumeration with Nmap’ section over the weekend and am dragging my feet on the ‘Footprinting’ module this week so I decided to write a short post about the Nmap module and how it is shaping my enumeration methodology. For those who don’t know, Nmap is a free and open source network mapping utility for network discovery and security auditing. It is capable of many things, primarily host and port enumeration, which is…
