Linkedin GitHub

🩻README
OSINT Fundamentals
External Pentest Playbook
Post Exploitation
Active Directory
Windows Privilege Escalation
Report Writing
- Findings Report
- Common Legal Documents
Linux Privilege Escalation

Powered by GitBook

On this page

Was this helpful?

External Pentest Playbook

Common Pentest Findings

PreviousEscalating Access NextInsufficient Authentication Controls

Last updated 1 year ago

Was this helpful?

Overview

These findings are ranked from most Critical to Least. The list is not all inclusive and is more just a list of findings commonly seen on external pentests.

Insufficient Authentication Controls

Weak Password Policy

Insufficient Patching

Default Credentials

Insufficient Encryption

Information Disclosure

Username Enumeration

Default Web Pages

Open Mail Relays

IKE Aggressive Mode

Unexpected Perimeter Services

Insufficient Traffic Blocking

Undetected Malicious Activity

Historical Account Compromises