๐ŸฆนPentesting Fundamentals

Learn the important ethics and methodologies behind every pentest

LogoTryHackMe | Pentesting FundamentalsTryHackMe
https://tryhackme.com/room/pentestingfundamentals

Room AttributesValue

Subscription Required

False [Free]

Type

Walkthrough

Difficulty

Info

Tags

Cybersecurity, Framework, Penetration Testing, Ethics

Task 1 What is Penetration Testing?

Read me!

No answer needed

Task 2 Penetration Testing Ethics

You are given permission to perform a security audit on an organisation; what type of hacker would you be?

HINT: Look at the hat categories in this task.

Reveal Flag ๐Ÿšฉ

๐ŸšฉWhite Hat

You attack an organisation and steal their data, what type of hacker would you be?

Reveal Flag ๐Ÿšฉ

๐ŸšฉBlack Hat

What document defines how a penetration testing engagement should be carried out?

Reveal Flag ๐Ÿšฉ

๐ŸšฉRules of Engagement

Task 3 Penetration Testing Methodologies

What stage of penetration testing involves using publicly available information?

Reveal Flag ๐Ÿšฉ

๐ŸšฉInformation Gathering

If you wanted to use a framework for pentesting telecommunications, what framework would you use? Note: We're looking for the acronym here and not the full name.

Reveal Flag ๐Ÿšฉ

๐ŸšฉOSSTMM

What framework focuses on the testing of web applications?

Reveal Flag ๐Ÿšฉ

๐ŸšฉOWASP

Task 4 Black box, White box, Grey box Penetration Testing

You are asked to test an application but are not given access to its source code - what testing process is this?

Reveal Flag ๐Ÿšฉ

๐ŸšฉBlack Box

You are asked to test a website, and you are given access to the source code - what testing process is this?

Reveal Flag ๐Ÿšฉ

๐ŸšฉWhite Box

Task 5 Practical: ACME Penetration Test

Complete the penetration test engagement against ACME's infrastructure.

Reveal Flag ๐Ÿšฉ

๐ŸšฉTHM{PENTEST_COMPLETE}

PreviousIntro to Offensive SecurityNextCVE Walkthroughs

Last updated