OSINT

What is it? OSINT, or Open Source Intelligence, uses methods of gathering information passively from online sources rather than directly targeting an organization's infrastructure. Methodology...

Pre-Engagement

Overview: Multiple documents should be reviewed during the pre-engagement period. Non-Disclosure Agreements (NDAs): NDAs can come in different types: unilateral, bilateral, multilateral. Each of...

Network Scanning

The command-line tool nmap and its GUI counterpart zenmap are powerful tools that allow you to do thorough scanning of networks and hosts. From the most basic ping scan, OS and service detection, or...

Vulnerability Assessment

Overview: Divided into two areas. One is scanning for known vulns. The other is analyzing the results to determine a path forward. Analysis can be broken down further into Descriptive - describes...

Information Gathering

Overview: Different test types can differ in how much information we start with. Blackbox is the minimal information provided to start, such as external IP ranges and domains. Nothing more. Greybox...