概要
TryHackMe「The Hacker Methodology」のWalkthroughです。
Task1
Q1.What is the first phase of the Hacker Methodology
A.Reconnaissance
Task2
Q1.Who is the CEO of SpaceX?
A.Elon Musk
Q2.Do some research into the tool: sublist3r, what does it list?
A.subdomains
Q3.What is it called when you use Google to look for specific vulnerabilities or to research a specific topic of interest?
A.Google Dorking
Task3
Q1.What does enumeration help to determine about the target?
Hint.two words!
A.Attack Surface
Q2.Do some reconnaissance about the tool: Metasploit, what company developed it?
A.Rapid7
Q3.What company developed the technology behind the tool Burp Suite?
A.portswigger
Task4
Q1.What is one of the primary exploitation tools that pentester(s) use?
A.Metasploit
Task5
Q1.In Windows what is usually the other target account besides Administrator?
A.System
Q2.What thing related to SSH could allow you to login to another machine (even without knowing the username or password)?
Hint.SSH ____
A.Keys
Task7
Q1.What would be the type of reporting that involves a full documentation of all findings within a formal document?
A.full formal report
Q2.What is the other thing that a pentester should provide in a report beyond: the finding name, the finding description, the finding criticality
A.Remediation recommendation