Pentest_Notes

🔴 Professional Penetration Testing Notes Repository

A comprehensive, structured, and actionable penetration testing reference. Last Updated: 2026-03-27

---

📖 Description

This repository is a professional-grade collection of penetration testing notes designed for:

• Active penetration testing engagements — copy-paste commands, step-by-step checklists
• HTB CPTS Exam preparation — domain-specific tips, common scenarios, time management
• OSCP / CBBH / similar certifications — comprehensive methodology coverage
• CTF competitions — quick-reference one-liners and techniques
• Long-term knowledge management — searchable, structured, cross-referenced

---

📂 Repository Structure

pentesting-notes/
├── 00_README.md                          # This file — master index
├── 00_Methodology_Checklist.md           # Master methodology checklist
├── 00_CPTS_Exam_Checklist.md             # CPTS exam-specific checklist
├── 01_Network_Pentesting.md              # Network penetration testing
├── 02_Web_Application_Pentesting.md      # Web application penetration testing
├── 03_Active_Directory_Pentesting.md     # Active Directory attacks
├── 04_Privilege_Escalation_Linux.md      # Linux privilege escalation
├── 05_Privilege_Escalation_Windows.md    # Windows privilege escalation
├── 06_Password_Attacks.md               # Password attacks & credential harvesting
├── 07_Pivoting_Tunneling_Port_Forwarding.md  # Pivoting & tunneling
├── 08_Social_Engineering.md              # Social engineering & phishing
├── 09_Wireless_Pentesting.md             # Wireless penetration testing
├── 10_Cloud_Pentesting.md               # Cloud penetration testing
├── 11_Mobile_Pentesting.md              # Mobile application pentesting
├── 12_Exploit_Development.md            # Exploit development & buffer overflows
├── 13_Shells_Payloads_C2.md             # Shells, payloads & C2
├── 14_OSINT_Passive_Recon.md            # OSINT & passive reconnaissance
├── 15_Reporting_Documentation.md        # Reporting & documentation
└── 16_Miscellaneous_Tools.md            # Miscellaneous / general tooling

---

🚀 Quick-Start Guide

During an Engagement or Exam:

1. Start with 00_Methodology_Checklist.md — follow the master checklist from start to finish.
2. Identify your current phase — reconnaissance, enumeration, exploitation, post-exploitation, etc.
3. Jump to the relevant domain file — use the table of contents below.
4. Follow the phase-specific checklist — each section has actionable checklists.
5. Copy-paste commands — all commands are in fenced code blocks ready for use.
6. Cross-reference — links between documents connect related concepts.

For CPTS Exam:

1. Start with 00_CPTS_Exam_Checklist.md
2. Focus heavily on: 02_Web_Application_Pentesting.md, 03_Active_Directory_Pentesting.md, 07_Pivoting_Tunneling_Port_Forwarding.md
3. Don’t forget 15_Reporting_Documentation.md

---

📋 Complete Table of Contents

#	File	Description
00	README.md	Master index (this file)
00	Methodology Checklist	Master penetration testing methodology
00	CPTS Exam Checklist	CPTS-specific exam tips and checklist
01	Network Pentesting	Host discovery, port scanning, service enumeration
02	Web Application Pentesting	Web attacks, directory enum, SQLi, XSS, LFI/RFI
03	Active Directory Pentesting	AD enumeration, Kerberos attacks, lateral movement
04	Privilege Escalation — Linux	Linux privesc techniques and enumeration
05	Privilege Escalation — Windows	Windows privesc techniques and enumeration
06	Password Attacks	Cracking, spraying, credential harvesting
07	Pivoting & Tunneling	Ligolo-ng, SSH tunneling, chisel, port forwarding
08	Social Engineering	Phishing, pretexting, client-side attacks
09	Wireless Pentesting	WiFi attacks, WPA/WPA2 cracking
10	Cloud Pentesting	AWS, Azure, GCP penetration testing
11	Mobile Pentesting	Android and iOS application testing
12	Exploit Development	Buffer overflows, shellcode, exploit writing
13	Shells, Payloads & C2	Reverse shells, bind shells, C2 frameworks
14	OSINT & Passive Recon	Open source intelligence gathering
15	Reporting & Documentation	Report writing, evidence collection
16	Miscellaneous Tools	Tmux, useful scripts, general tooling

---

🔖 Legend — Icons & Callouts

Icon	Meaning
⚠️ CPTS Exam Tip	Directly relevant to the CPTS exam
💡 Pro Tip	Practical advice from experience
🔴 Warning	Dangerous command or common mistake
🔗 Cross-Reference	Link to related content in another file
✅ Checklist	Actionable step-by-step checklist

---

🔑 Core Philosophy

“Enumeration is the key. If you get stuck, step back, review your steps, and try harder.”

It is the single most important principle in penetration testing.

---

🔗 Essential External Resources

Resource	URL
HackTricks	https://book.hacktricks.xyz/
WADCOMS	https://wadcoms.github.io/
GTFOBins	https://gtfobins.github.io/
PayloadsAllTheThings	https://github.com/swisskyrepo/PayloadsAllTheThings
LOLBAS	https://lolbas-project.github.io/
AD Mindmap	https://orange-cyberdefense.github.io/ocd-mindmaps/
PortSwigger Academy	https://portswigger.net/web-security
MITRE ATT&CK	https://attack.mitre.org/
SecLists	https://github.com/danielmiessler/SecLists
Precompiled .NET Binaries	https://github.com/jakobfriedl/precompiled-binaries