Table of contents
Repository: https://github.com/blessing-mufaro/vapt-engagement-guide
📝The important bit
This repository will essentially serve as a VAPT (Vulnerability Assessment and Penetration Test) guide or handbook - simple as that. You can use it as a checklist during practical engagements or even in CTF challenges. The checklists are divided into two: internal and external - and based on the type of penetration test you're carrying out, feel free to fork this repository and hack away!!!
One other thing. You may be wondering why this particular checklist may differ from the majority out there, well that's because in this repository I'll also include commands for the tools I state at each stage, for your convenience. And of course, you may need to tweak the switches a bit to suit your environment but at least you get a starting point. Some may not be direct instructions on how to use a tool but a pointer to where you should look 👀.
I initially decided to make this a personal project but I felt it'll be more valuable as an open-source project. I will constantly make updates to this checklist, but please feel free to make a pull request if you have suggestions or additional tools to add to the lists.
1️⃣ One last thing
This list will include the tools I've used before in real-life engagements and found helpful (and others I've also used during capture-the-flag contests).
Each section (internal/external) will be categorized based on the standard phases of a penetration test
Information Gathering (Reconnaisance)
Scanning
Exploitation
Privilege Escalation (Maintaining Access)
Reporting
The structure within each section may differ slightly as content is added but that's the basic gist - and again, suggestions are welcome 🙃
For exploitation and privilege escalation there will be separate folders with Proof of Concept (POC) notes for various exploits. Illustrations for these POCs can be in the form of videos, screenshots and textual writeups.
Reference can be made to publicly accessible vulnerable machines on platforms like Try Hack Me, Vulnhub or Hack The Box to illustrate a POC with a practical example.