Pentest-Book
Recon
Enumeration
Exploitation
Post Exploitation
Mobile
Others
EXTERNAL PENTEST PLAYBOOK
Courses
Internal Pentest
- Internal Pentest CheatSheet

Powered by GitBook

On this page

EXTERNAL PENTEST PLAYBOOK

Common Pentest Findings

PreviousAttacking Login Portals NextPractical Ethical Hacking

Last updated 1 year ago

Insufficient Authentication Controls

Weak Password Policy

Insufficient Patching

Default Credentials

Insufficient Encryption

Information Disclosure

Username Enumeration

Default Web Pages

Open Mail Relays:

IKE Aggressive Mode

Unexpected Perimeter Services

Ex: RDP, Telnet, FTP, ...

Insufficient Traffic Blocking

Undetected Malicious Activity

How to Test for Open Mail Relays - Black Hills Information SecurityBlack Hills Information Security