My Offensive Lab Methodology

This document covers my evolving approach to tackling CTF and offensive security labs, with a specific focus on the "boot to root" type labs like those found on Hack the Box. I'm a neophyte in this regard, so the purpose of these notes is to establish my current methods and use them as a lens to find areas to improve upon. The intent of these notes isn't to get deep into specific exploit pathways or otherwise, but to lay out a broader methodology that can be applied to any individual challenge.

NOTE: this is absolutely intended to be notes about lab environments, rather than a description of a proper full penetration testing process. In most cases, the labs I'm working on have clearly intended paths of exploitation, so the goal with them is to find those paths and exploit them specifically, rather than to provide a more holistic picture of vulnerabilities in the target's attack surface.

Currently this is an early draft, so many things will be updated over time. For the purpose of prepping this as part of the Git course I'm skipping creating supporting images for time, but they will be added later in places that need them.

Version: 0.1; last modified 2024-04-18

You're welcome to borrow ideas from these notes; however, the contents of this document remain under the license below:

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License. Written by Sean Edevane. No AI was used in any part of this writing process.
