Welcome to the Merimetso crib-sheet GitHub repository. The goal of this repository is to provide you with a some notes that you may find useful when conducting a penetration test. Information on the Merimetso Check Team Member course can be located at Merimetso Web Site.
-
The Engagement Lifecycle
-
The Role of Risk Management in Penetration Testing
-
Introduction to NIST
-
IP Protocols and Networking
-
Patch Management and Build Reviews
-
Cryptography
-
Hardware Security
-
Introduction to IP
-
Introduction to TCP (1)
-
Introduction to TCP (2)
-
Introduction to UDP
-
Introduction to ICMP
-
Open Source Intelligence
-
DNS
-
How to Use the TRACEROUTE/TRACERT Commands on a Security Test.
-
Information Leakage
-
Using Metasploit for Vulnerability Exploitation.
-
Brute Forcing with HYDRA
-
Introduction to Microsoft Windows
-
The Microsoft Windows File System and File System Security
-
How to Use PowerShell on a Security Test (1).
-
Introduction to Unix/Linux
-
The Unix/Linux File System and File System Security
-
Introduction to Database security
-
Brute Forcing a Data Connection
- Introduction to Web Security
-
Introduction to Physical Security
-
Locks and Tamper Resistance
- Introduction to Virtualisation and Containerisation
- Introduction to Cloud Security
- Introduction to Secure Development Operations
-
Chris McNab, Network Security Assessment: Know Your Network, 3rd Edition, O'Reilly, 2016
-
Tim Bryant, PTFM: Purple Team Field Manual, Independently Published, 2020
For further information and questions please contact Dr Andrew Blyth, PhD. [email protected]. Information on the Merimetso Check Team Member course can be located at Merimetso Web Site.