Skip to content

Open-source methodology on pentesting and risk mitigation

License

Notifications You must be signed in to change notification settings

HeckerBirb/infosec-manual

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

60 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

The Infosec Manual

An "Open-source methodology on pentesting and risk mitigation" is a manual intended to be used as references when either seeking information on infosec risk mitigation or penetration testing.

Contents

The manual is split up into sections, one for common service testing and one for common privilege escalation techniques.

Services

The services part contains information about common techniques and commands to try out on a particular server, in order to determine whether or not the service is vulnerable to certain attacks.

Privesc

The privesc section contains articles for common pitfalls and quick checks as well as more subtle information gathering and scripts that help by automating a lot of the work.

The vision

my vision of this manual is to provide easy-to-read information about how to test the security of particular services and how to further strengthen the security of these, related to the described vulnerabilities or misconfigurations.

Work in progress

This manual is very much work in progress. Please read the "CONTRIBUTING.md" file and then see the Issues page for ideas on where to get started (or suggest other contributions entirely).

About

Open-source methodology on pentesting and risk mitigation

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •