đŸŠčPentesting Fundamentals

Learn the important ethics and methodologies behind every pentest

LogoTryHackMe | Pentesting FundamentalsTryHackMe
https://tryhackme.com/room/pentestingfundamentals

Room Attributes
Value

Subscription Required

False [Free]

Type

Walkthrough

Difficulty

Info

Tags

Cybersecurity, Framework, Penetration Testing, Ethics

Task 1 What is Penetration Testing?

Read me!

No answer needed

Task 2 Penetration Testing Ethics

You are given permission to perform a security audit on an organisation; what type of hacker would you be?

HINT: Look at the hat categories in this task.

Reveal Flag đŸš©

đŸš©White Hat

You attack an organisation and steal their data, what type of hacker would you be?

Reveal Flag đŸš©

đŸš©Black Hat

What document defines how a penetration testing engagement should be carried out?

Reveal Flag đŸš©

đŸš©Rules of Engagement

Task 3 Penetration Testing Methodologies

What stage of penetration testing involves using publicly available information?

Reveal Flag đŸš©

đŸš©Information Gathering

If you wanted to use a framework for pentesting telecommunications, what framework would you use? Note: We're looking for the acronym here and not the full name.

Reveal Flag đŸš©

đŸš©OSSTMM

What framework focuses on the testing of web applications?

Reveal Flag đŸš©

đŸš©OWASP

Task 4 Black box, White box, Grey box Penetration Testing

You are asked to test an application but are not given access to its source code - what testing process is this?

Reveal Flag đŸš©

đŸš©Black Box

You are asked to test a website, and you are given access to the source code - what testing process is this?

Reveal Flag đŸš©

đŸš©White Box

Task 5 Practical: ACME Penetration Test

Complete the penetration test engagement against ACME's infrastructure.

Reveal Flag đŸš©

đŸš©THM{PENTEST_COMPLETE}

PreviousIntro to Offensive SecurityNextCVE Walkthroughs

Last updated