WEEK 1 Plan
This foundational week focuses on solidifying essential Linux command-line interface (CLI)skills, understanding file system permissions, and basic networking concepts. It alsointroduces initial information gathering techniques crucial for penetration testing. Thetryhackme platform is an excellent resource for hands-on practice in these areas,complementing the initial pages of the OSCP course material.
WEEK 1 Plan
Learning Objectives:
- Master fundamental Linux commands and navigation.
- Understand and apply Bash scripting for automation.
- Comprehend Linux file permissions and user management.
- Utilize Netcat for basic network communication and banner grabbing.
- Perform initial reconnaissance using Whois, Google Hacking, and DNS enumeration.
- Conduct basic port scanning with Nmap and understand its output.
Key Topics & Tools:
- Linux CLI: ls , cd , pwd , cp , mv , rm , mkdir , cat , grep , find , man , sudo , apt/yum .
- Bash Scripting: Variables, loops, conditionals, functions, command substitution.
- Permissions: chmod , chown , umask , SUID/SGID/Sticky bits.
- Networking Basics: ip , ifconfig , route , ping , traceroute , netstat , ss .
- Netcat: Basic listener, client, file transfer, banner grabbing.
- Information Gathering:
- Whois: Domain information lookup.
- Google Hacking (Dorking): Advanced search operators for sensitive information.
- DNS Enumeration: dig , host , nslookup , dnsenum .
- Nmap: TCP/UDP port scanning, service version detection ( -sV ), OS detection ( -O ), script scanning ( -sC ).
- SMB/SMTP/SNMP Enumeration: Tools like enumlinux , nmap scripts.
Practice Resources:
- Tryhackme rooms: Linux Fundamentals, Network Services, Bash Scripting.
- OffSec PEN- Labs: Whois Enumeration, Google Hacking, Netcraft, DNS Enumeration,
- TCP/UDP Port Scanning, SMB/SMTP/SNMP Enumeration .
- Practice basic Nmap scans against vulnerable VMs ex Metasploitable .
📚 References
You can find me online at:
This post is licensed under CC BY 4.0 by the author.