vault backup: 2025-03-16 18:59:42

Penetration Testing/Week 4/Week 4 - Pre-Engagement.md

@@ -1,12 +1,15 @@
 # Requirements
+
 Scope
-- What will be tested 
+
+- What will be tested
 - Start and End dates
 - Customer Objectives
 	- Strategic and Operational goals
 - Ensure requirements and expectations of customers being met
 
 Rules of Engagement
+
 - Detailed stages
 - Who is authorised
 - On or off site
@@ -26,7 +29,6 @@ Legal Signoff
 	- Data aggregation
 	- Data exfil
 - Immature (NIST T1) would benefit from a vulnerability analysis than a full pentest
-
 - Identify outsourced services
 	- In scope?
 	- Permission?
@@ -43,7 +45,7 @@ Legal Signoff
 - Why customer has pentest performed against env?
 	- Required for compliance?
 - When does customer want active testing conducted?
-	- During business hours or out? 
+	- During business hours or out?
 - How many IPs tested (internal/external)
 - How should testing team proceed if vulnerability found?
 
@@ -90,7 +92,7 @@ Legal Signoff
 
 # Questions
 
-## For company
+## For Company
 
 - Manage aware?
 - Main datum that would create greatest risk to organisation if exposed, corrupted or deleted?
@@ -98,4 +100,4 @@ Legal Signoff
 	- If no ISMS, lack maturity for test to be meaningful.
 - Testing and validations procedures to verify applications functioning in place?
 - Testers have access to QA testing procedures from when application developed?
-- Disaster Recovery Procedures in place for application data.
+- Disaster Recovery Procedures in place for application data.

Penetration Testing/Week 4/Workshop 4 - Google Dorking.md

@@ -7,6 +7,4 @@
 `(inurl:login.cgi OR inurl:login.php OR inurl:login.js) AND site:ac.uk AND password`
 ![](Pasted%20image%2020241011140717.png)
 
-
-1. https://hub.salford.ac.uk/sbs-disruptive-technologies/events/
-2. 
+1. <https://hub.salford.ac.uk/sbs-disruptive-technologies/events/>