Adding internal inf and AD testing methodologies #18
BC-Lucille wants to merge 0 commits into bugcrowd:main from
Pull Request Overview
This PR adds two comprehensive testing methodologies for internal infrastructure and Active Directory environments. The methodologies provide structured checklists for security assessments, covering reconnaissance, vulnerability identification, and exploitation techniques.
- Adds a detailed Internal Network Penetration Testing methodology covering network reconnaissance, protocol assessments, and service enumeration
- Adds an Active Directory Testing methodology focusing on AD-specific attacks and privilege escalation techniques
- Both methodologies include tool recommendations and a structured approach to testing various components
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| methodologies/Internal_Network_Methodology.json | Comprehensive methodology for internal network infrastructure testing including reconnaissance, protocols, databases, and web applications |
| methodologies/Active_Directory_Methodology.json | Structured methodology for Active Directory security testing including NTLM relay, DACL abuse, SCCM, ADCS, and Kerberos attacks |
| "tools": "Responder, Inveigh" | ||
| }, | ||
| { | ||
| "key": "unpatched_software_cve", |
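Review bot: The repeated `unpatched_software_cve` on the `"key"` line is a string value in a separate array element (the hunk shows `}, {` just before it), not a repeated member name inside one object, so a JSON parser will load the file without error. What needs checking is whether the consumer of this methodology treats `key` as a unique identifier; if it does, the second entry can silently collide with the first, which is harder to notice than a parse failure. Suggest confirming whether this entry is an intentional repeat and, if it is not, removing it rather than only renaming it.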
Duplicate key 'unpatched_software_cve' found. This key was already defined on line 41, which will cause JSON parsing issues.
| "tools": "Nmap, Zenmap" | ||
| }, | ||
| { | ||
| "key": "outdated_unsupported_os", |
Duplicate key 'outdated_unsupported_os' found. This key was already defined on line 47, which will cause JSON parsing issues.
| "tools": "Nessus, nmap" | ||
| }, | ||
| { | ||
| "key": "traffic_poisoning", |
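Review bot: `"tools": "Nessus, nmap"` at the top of this hunk writes Nmap in lower case, while the entry shown in the previous hunk uses `"Nmap, Zenmap"`. Suggest one spelling for tool names across the file (`Nmap`), so the `tools` field can be searched and grouped consistently.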
Duplicate key 'traffic_poisoning' found. This key was already defined on line 53, which will cause JSON parsing issues.
| "key": "traffic_poisoning", | |
| "key": "unpatched_software_cve_2", | |
| "title": "Unpatched Software & CVEs", | |
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions. ", | |
| "tools": "Nmap, Zenmap" | |
| }, | |
| { | |
| "key": "outdated_unsupported_os_2", | |
| "title": "Outdated and Unsupported Operating Systems", | |
| "description": "Identify hosts using outdated and end-of-life operating systems.", | |
| "tools": "Nessus, nmap" | |
| }, | |
| { | |
| "key": "traffic_poisoning_2", |
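Review bot: Suffixing the keys with `_2` in this suggestion makes them unique but leaves the entries themselves repeated: `unpatched_software_cve_2` carries the same title and description that the hunks on this page show for `unpatched_software_cve`. If the second block is an accidental copy, delete it instead of renaming it; if it is intentional, give it a key and title that say how it differs from the first. The suggested `description` line also still ends with a space before the closing quote.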
| { | ||
| "key": "unpatched_software_cve", | ||
| "title": "Unpatched Software & CVEs", | ||
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions. ", |
Trailing space after the period in the description text.
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions. ", | |
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions.", |
| { | ||
| "key": "unpatched_software_cve", | ||
| "title": "Unpatched Software & CVEs", | ||
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions. ", |
Trailing space after the period in the description text.
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions. ", | |
| "description": "Identify the use of outdated and unpatched software in use throughout the network. Assess which publicly disclosed vulnerabilities impact these software versions.", |
| { | ||
| "key": "tftp", | ||
| "title": "TFTP (Trivial File Transfer Protocol)", | ||
| "description": "Attempt to brute-force files from available TFTP servers. For any enumerated files, search for the presence of sensitive data (e.g credentials, configuration data). Fingerprint the TFTP software version and assess whether it is impacted by known vulnerabilities. ", |
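Review bot: In the `description` line, `(e.g credentials, configuration data)` is missing the period in "e.g."; worth fixing in the same edit as the whitespace so the string is only touched once.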
Double space between 'from' and 'available', and trailing space after the period.
| "description": "Attempt to brute-force files from available TFTP servers. For any enumerated files, search for the presence of sensitive data (e.g credentials, configuration data). Fingerprint the TFTP software version and assess whether it is impacted by known vulnerabilities. ", | |
| "description": "Attempt to brute-force files from available TFTP servers. For any enumerated files, search for the presence of sensitive data (e.g credentials, configuration data). Fingerprint the TFTP software version and assess whether it is impacted by known vulnerabilities.", |
| { | ||
| "key": "mssql_default_creds", | ||
| "title": "MSSQL: Default Credentials", | ||
| "description": "Determine whether you can gain access to the MSSQL server(s) using default or weak credentials (e.g sa:sa).", |
Double space between 'using' and 'default'.
| "description": "Determine whether you can gain access to the MSSQL server(s) using default or weak credentials (e.g sa:sa).", | |
| "description": "Determine whether you can gain access to the MSSQL server(s) using default or weak credentials (e.g sa:sa).", |
raised a new one here: #23
Adding methodologies for internal infrastructure and active directory testing.