Synced from an Obsidian vault

For graph and advanced features, download the full Intel Codex Vault and open it in Obsidian.

Penetration Testing SOPs

This directory contains Standard Operating Procedures (SOPs) for penetration testing across various domains and platforms.

Available Pentesting SOPs

Infrastructure & Systems

• Linux Pentesting
• Active Directory Pentesting

Applications & Development

• Web Application Security
• Mobile Security Testing
• Firmware Reverse Engineering

Offensive Security

• Vulnerability Research
• Bug Bounty Methodology
• Detection Evasion Testing

Defensive & Forensics

• Forensics Investigation

Purpose

These SOPs provide standardized procedures for:

• Conducting security assessments and penetration tests
• Identifying and exploiting vulnerabilities
• Testing security controls and defensive measures
• Researching new vulnerabilities and attack techniques

Common Workflows

Web Application Testing

1. Web Application Security - OWASP Top 10
2. Bug Bounty - For responsible disclosure
3. Vulnerability Research - For novel vulnerabilities

Infrastructure Pentesting

1. Linux Pentesting - Unix/Linux systems
2. Active Directory Pentesting - Windows environments
3. Detection Evasion - Bypassing defenses

Mobile & Embedded

1. Mobile Security - iOS/Android applications
2. Firmware RE - IoT and embedded devices
3. Vulnerability Research - For exploit development

Post-Exploitation & Investigation

1. Detection Evasion - Maintaining access
2. Forensics Investigation - Evidence collection

Navigation

• Return to Start
• See also: Analysis SOPs