> For the complete documentation index, see [llms.txt](https://lyethar.gitbook.io/methodology/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://lyethar.gitbook.io/methodology/readme.md).

# Introduction

<figure><img src="https://c.tenor.com/RvI_dsjz5Y8AAAAd/fullmetal-alchemist-roy-mustang.gif" alt=""><figcaption></figcaption></figure>

### About me

My name is Fabian. I started my penetration testing journey in Fall 2021 and have since worked through Hack The Box, Offensive Security's PWK labs, and Proving Grounds. I currently work as a Consultant/Penetration Tester and hold the following certifications: OSEP, OSCP, eCPPTv2, eJPT, and CARTP. This wiki is where I document the methodology, tools, and techniques I've developed and refined along the way. I hope you find it useful.

### How to use this wiki

This wiki is organized around the standard penetration testing lifecycle. Each section represents a phase of an engagement, with dedicated pages covering tools, commands, and decision logic for that phase. Whether you are working a CTF box or a real assessment, you can navigate directly to the relevant phase and follow along.

### Methodology phases

Enumeration — Identify all open ports and services. Build your attack surface map before touching anything.

Exploitation — Leverage identified vulnerabilities to gain initial access. Covers vulnerable services, web attacks, and password attacks.

Privilege Escalation — Move from a low-privileged shell to SYSTEM or root. Covers Windows token abuse, misconfigured services, and Linux SUID/sudo/cron paths.

Post-Exploitation — Actions taken after gaining elevated access: credential dumping, lateral movement, and persistence.

Active Directory — AD-specific attack chains: user enumeration, Kerberoasting, ASREPRoasting, and domain privilege escalation.

<figure><img src="/files/kpPutvvkycyx1oIAagRs" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/CV0NyytAqAkh90dlzy7U" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/Ihqh6EzoJ5EuPVr3vpyG" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/0yu19llRujrv5N2Jebsq" alt=""><figcaption></figcaption></figure>
