How To: Advanced Penetration Testing - Part 1 (Introduction)

Advanced Penetration Testing - Part 1 (Introduction)

Hello! My name is An0nex. I am an ethical hacker who wants to share the art of hacking with all of you guys!

Reconnaissance is a big part in the hacking community.

Penetration testing is most effective when you have a good grasp on the environment being tested. If you're an ethical hacker, penetration testing as a job, e.g. A company hired you to hack them and make a full summary on it, you will usually be given the average information. You will already have a map of the website down. But, sometimes, you need to get the information yourself, which is sometimes tricky.

In this chapter, I will be showing you how-to perform Advanced Reconnaissance Techniques.

In this chapter or however it is called here, our KEY TOPICS include:

1.) What is reconnaissance and why do we need it
2.) Reconnaissance types
3.) Using DNS to quickly identify potential targets
4.) Using search engines data
5.) Using metadata to your advantage

The types of reconnaissance we will be focused on our OSINT (Open Source Intellegence) and footprinting. If you're wondering... OSINT consists of gathering, processing, and analyzing publically available data and turning it into information that is actionable.

Important: This is a 'chapter' in reconnaissance but after sometime viewing at @Occupythewebotw 's page, I see he has made posts on reconnaissance already. Before I make another tutorial on this, please tell me above what you would rather like to be shown.

1.) Reconnaissance
2.) Remote Exploitation
3.) Web Application Exploitation
4.) Client-Side attacks
5.) Bypassing Firewalls, Avoiding Detection

Please tell me what you would rather like below! If no comments are made by tomorrow 6PM (My time), I'll just keep on with reconnaissance.

Thank you.

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.


remote exploitation and bypass firewall sounds good to me

Quite honestly just pick what ever you know best and make it on that. Lots o topics have already been covered here on null byte so maybe try to find a novel way to do something. Whatever it is I'm looking forward to it :)



If it has been already covered, you can make a link to the post and then write few lines on what you get from it, and what you will be using for the main subject of your post, it's always good to use what's already done

Share Your Thoughts

  • Hot
  • Latest