David Perfors

On this page I keep my notes about how I perform penetration testing. The information on these pages will evolve during my process of learning more about penetration testing.

How to learn penetration testing

Some resources I found useful while learning penetration testing:

• Over The Wire
• VulnHub
• Hack The Box

Kali Linux

Kali linux is my distribution of choice when it comes to penetration testing. There are several options to setup the box:

• using a premade box, I had some limitations, possibly due to the fact that the guest additions weren’t correctly installed.
• using vagrant files

This Vagrant option I am currently trying. It greatly appeals to me, because of the easy of sharing box definitions and the ease of modification.

My workflow

The following pages describe how I attempt to tackle CTF’s and machines from Hack The Box. It probably isn’t the best (or even the right) way, but it does seem to work for me.

• Reconnaissance
• Reverse Shells