33 lines
737 B
Markdown
33 lines
737 B
Markdown
#|||ORG_NAME||| #external #general
|
|
|
|
# Scope
|
|
|
|
(past scope from workbook)
|
|
|
|
# PPC
|
|
|
|
Planning call notes:
|
|
* methodolgy
|
|
* whole month testing window
|
|
* start with a vuln scan in nessus pro
|
|
* pentesting execution standard framework
|
|
* info gathering
|
|
* recon
|
|
* exlpoitation
|
|
* reporting
|
|
* primary objective
|
|
* reasonable and expected protections are in place
|
|
* see if we can get access to the internal network
|
|
* if we do get inside
|
|
* reach out to the contact and see what they'd want us to know
|
|
* questions to ask
|
|
* custom objectives
|
|
* nope:
|
|
* testing main website
|
|
* include office 365
|
|
* password attacks
|
|
* password sprays 3-12 hours
|
|
* lock out policy -
|
|
* primary contact -
|
|
* emergency contact method -
|