Scan for Vulnerabilities

We’re searching for vulnerabilities in the host, applications, and information leakage.

• ☐ nmap scanning
• ☐ GoBuster
• ☐ Ping scanning
• ☐ Google dorking

Determine Versions

Gather version info from services and applications discovered during scanning.

• ☐ Banner grabbing
• ☐ Netcat / Telnet
• ☐ Shodan / Censys
• ☐ Inspect headers
• ☐ Throw intentional errors

Find Exploits

• ☐ SearchSploit
• ☐ Exploit-DB
• ☐ Google
• ☐ Shodan

Craft Payload

• ☐ msfvenom
• ☐ SearchSploit

Execute Payload

• ☐ Invoke-Command
• ☐ runas
• ☐ sudo

Establish Persistence

• ☐ Service takeovers
• ☐ Cron jobs
• ☐ Startup scripts

Escalate Privileges

• ☐ PowerUp.ps1
• ☐ LinEnum.sh
• ☐ LinPEAS / WinPEAS
• ☐ suid/guid
• ☐ sudo -l

Exfiltrate Data

• ☐ Invoke-WebRequest / iwr
• ☐ curl
• ☐ Imaginative custom methods

“Stay sharp, stay ethical — adapt faster than the threat.”