A comprehensive collection of penetration testing commands, techniques, and methodologies organized with MkDocs Material. This is me finally trying to get my notes in order, and will expand as I get round to various other tools/approaches and finding my useful links. These notes were built up over a career in pentesting and, after I moved towards SAST/DAST, things like CTFs. For my remediation guidance, look at https://dipsylala.github.io/FlawFixingGuidance/
Visit the documentation site: https://dipsylala.github.io/PentestingNotes
- Reconnaissance - Information gathering and target identification
- Enumeration - Service and vulnerability discovery
- Exploitation - Gaining access and privilege escalation
- Post-Exploitation - Maintaining access and data exfiltration
- Tools - Detailed tool-specific guides
- Cheat Sheets - Quick reference guides
PentestingNotes/
├── .github/
│ └── workflows/
│ └── deploy.yml # GitHub Actions workflow
├── docs/ # Documentation source files
│ ├── index.md # Home page
│ ├── reconnaissance/
│ ├── enumeration/
│ ├── exploitation/
│ ├── post-exploitation/
│ ├── tools/
│ └── cheatsheets/
├── mkdocs.yml # MkDocs configuration
├── requirements.txt # Python dependencies
└── README.md # This file
IMPORTANT: This documentation is for educational and authorized security testing purposes only.
- Only test systems you have explicit written permission to access
- Unauthorized access to computer systems is illegal
- The author is not responsible for misuse of this information
- Always follow responsible disclosure practices
This project is licensed under CC0 1.0 Universal (Public Domain Dedication). You may copy, modify, and use the content without restriction or attribution.
Please use responsibly and ethically.
Remember: With great power comes great responsibility. Always hack ethically and legally.