Marial's Notes
  • Hello!
  • Pentesterlab Labs
    • Recon Badge
      • recon_00 (/robots.txt)
      • recon_01 (404 pages)
      • recon_02 (/.well-known/security.txt)
      • recon_03 (directory listing)
      • recon_04 (/admin)
      • recon_05 (wfuzz)
      • recon_06 (vhost)
      • recon_07 (vhost over TLS)
      • recon_08 (alt name)
      • recon_09 (header)
      • recon_10 (visual recon)
      • recon_11 (virtual host brute)
      • recon_12 (load balance)
      • recon_13 (TXT)
      • recon_14 (zone transfer)
      • recon_15 (int zone transfer)
      • recon_16 (bind version)
      • recon_17 (dev name)
      • recon_18 (public repos)
      • recon_19 (find email)
      • recon_20 (check branches 1)
      • recon_21 (check branches 2)
      • recon_22 (deleted file)
      • recon_23 (commit message)
      • recon_24 (assets)
      • recon_25 (S3)
      • recon_26 (JS)
  • TryHackMe Rooms
    • Basic Pentesting
    • EasyPeasy
    • Kenobi
    • Vulnversity
Powered by GitBook
On this page
  • PentesterLab Free Tier Labs
  • TryHackMe Rooms

Was this helpful?

Hello!

NextRecon Badge

Last updated 7 months ago

Was this helpful?

Welcome to Marial's Notes, a growing collection of my experiences from labs and security exercises. This is just a starting point—more will be added soon as I continue to build and refine my work.

PentesterLab Free Tier Labs

TryHackMe Rooms

The content and notes provided on this website are for educational purposes only and should be used to promote ethical and responsible practices in penetration testing. I do not claim ownership of any tools mentioned; they are collected and shared based on what works for me in my learning journey. Any misuse of the information or tools found on this site for malicious purposes is strictly prohibited. I am not liable for any actions based on the information provided here. Always ensure you have proper authorization before engaging in any form of testing.

Cover

Recon Badge

The Recon badge is a set of 27 exercises created to help you learn Reconnaissance. From findings usual files down to DNS and TLS exploration, this badge will help you get better at finding new targets.

Cover

Basic Pentesting

This is a machine that allows you to practise web app hacking and privilege escalation

Cover

EasyPeasy

Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.

Cover

Kenobi

Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation.

Cover

Vulnversity

Learn about active recon, web app attacks and privilege escalation.