VAPT Methodology: Cyber-kill chain

Reconnaissance and Information Gathering: OSINT, Breached credentials, Subdomain brute forcing, Directory scanning.

Scanning and Enumeration: Scanning and exploiting open ports and services, Scanning for potential exploits in public vulnerability databases.

Exploitation Basics: Metasploit, Gaining access to machines using vulnerabilities, Custom exploitation scripts, Password brute forcing, Password spraying.

Active Directory: LLMNR poisoning, SMB relays, IPv6 DNS takeovers, pass-the-hash/pass-the-password, token impersonation, kerberoasting, GPP attacks, golden ticket attacks.

Maintaining access: Reverse shell, file transfer.

Web Application Penetration Testing.

Automated Vulnerability scanners: Nessus, Nmap, Metasploit, Acunetix.

Report Writing: Statements of Work, Rules of Engagement, Non-Disclosure Agreements, and Master Service Agreements.
