This page will provide links to Technical Assessment Plans that I have created that can be used to conduct assessments using the tools and utilities that a penetration tester would use. The assessment plans are structured in a way to help with the documentation of evidence for inclusion in a workpaper process. The plans provide helpful information on how to install, configure, and use the tools to obtain the evidence needed for an engagement. This page will continue to grow and improve as I document the methods I used when conducting audit engagements as a penetration tester.
External Fingerprinting Worksheet – Use standard Windows and Linux commands and freely download-able utilities to gather information about a target.
Windows Enumeration Worksheet – Use standard Windows commands and freely download-able utilities to enumerate the machines, users, and groups in a networked Windows Domain environment.
Windows Password Assessment Worksheet – Use open source and freely download-able utilities to assess the password strength in a networked Windows Domain environment. Password testing includes password policy assessment, password hash extraction, and online and offline dictionary attacks.
SNMP Assessment Worksheet – Use open source and freely download-able utilities to assess the SNMP protocol. This is for auditors that do not have access to or cannot afford the Solarwinds toolset. This is version 0.1 of the document and I plan on making updates and add new tools in the future.