From 42d77a16365d94ba72e2bd37b14ad8103dd92b94 Mon Sep 17 00:00:00 2001 From: 51x Date: Fri, 18 Mar 2016 22:08:24 +0100 Subject: [PATCH] Methodology update. --- LICENSE.txt | 2 +- penetration_test_black_box.txt | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/LICENSE.txt b/LICENSE.txt index 938bb8d..51ca031 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -426,7 +426,7 @@ To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: - Copyright (c) YEAR YOUR NAME. + Copyright (c) 2016 51x. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; diff --git a/penetration_test_black_box.txt b/penetration_test_black_box.txt index 76bb229..6887382 100644 --- a/penetration_test_black_box.txt +++ b/penetration_test_black_box.txt @@ -49,6 +49,7 @@ Question ideas for full black box penetration test phases - Misconfigured services? - Tickets (Kerberos)? - Wrong permissions? System running world writable files? + - Bypass of functions (eg. applocker bypasses)? - Local privilege escalation exploits? - Other users and their interaction? @@ -59,6 +60,7 @@ Question ideas for full black box penetration test phases - /etc/passwd users? - Wrong permissions? Guid/suid? rwxrwxrwx? - Misconfigured services? + - Bypass of functions (eg. apparmor bypass)? - Local privilege escalation exploits? - Other users and their interaction (eg. X hacking)?