├── .gitignore
├── .travis.yml
├── CNAME
├── LICENSE
├── README.md
├── index.adoc
└── reveal-js.LICENSE


/.gitignore:
--------------------------------------------------------------------------------
.DS_Store

--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
language: ruby
before_install:
  - gem install asciidoctor-revealjs
script:
  - mkdir -p ./build/revealjs/
  - git clone -b 3.5.0 --depth 1 https://github.com/hakimel/reveal.js.git
  - cd reveal.js
  - GIT_WORK_TREE=../build/revealjs/ git checkout -f >> /dev/null
  - cd ../
  - asciidoctor-revealjs -o ./build/index.html index.adoc
deploy:
  provider: pages
  skip_cleanup: true
  github_token: $GITHUB_TOKEN
  local_dir: ./build/

--------------------------------------------------------------------------------
/CNAME:
--------------------------------------------------------------------------------
opensourcepentest.com

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
CC0 1.0 Universal

Statement of Purpose

The laws of most jurisdictions throughout the world automatically confer
exclusive Copyright and Related Rights (defined below) upon the creator and
subsequent owner(s) (each and all, an "owner") of an original work of
authorship and/or a database (each, a "Work").

Certain owners wish to permanently relinquish those rights to a Work for the
purpose of contributing to a commons of creative, cultural and scientific
works ("Commons") that the public can reliably and without fear of later
claims of infringement build upon, modify, incorporate in other works, reuse
and redistribute as freely as possible in any form whatsoever and for any
purposes, including without limitation commercial purposes. These owners may
contribute to the Commons to promote the ideal of a free culture and the
further production of creative, cultural and scientific works, or to gain
reputation or greater distribution for their Work in part through the use and
efforts of others.

For these and/or other purposes and motivations, and without any expectation
of additional consideration or compensation, the person associating CC0 with a
Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
and publicly distribute the Work under its terms, with knowledge of his or her
Copyright and Related Rights in the Work and the meaning and intended legal
effect of CC0 on those rights.

1. Copyright and Related Rights. A Work made available under CC0 may be
protected by copyright and related or neighboring rights ("Copyright and
Related Rights"). Copyright and Related Rights include, but are not limited
to, the following:

  i. the right to reproduce, adapt, distribute, perform, display, communicate,
  and translate a Work;

  ii. moral rights retained by the original author(s) and/or performer(s);

  iii. publicity and privacy rights pertaining to a person's image or likeness
  depicted in a Work;

  iv. rights protecting against unfair competition in regards to a Work,
  subject to the limitations in paragraph 4(a), below;

  v. rights protecting the extraction, dissemination, use and reuse of data in
  a Work;

  vi. database rights (such as those arising under Directive 96/9/EC of the
  European Parliament and of the Council of 11 March 1996 on the legal
  protection of databases, and under any national implementation thereof,
  including any amended or successor version of such directive); and

  vii. other similar, equivalent or corresponding rights throughout the world
  based on applicable law or treaty, and any national implementations thereof.

2. Waiver. To the greatest extent permitted by, but not in contravention of,
applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
and Related Rights and associated claims and causes of action, whether now
known or unknown (including existing as well as future claims and causes of
action), in the Work (i) in all territories worldwide, (ii) for the maximum
duration provided by applicable law or treaty (including future time
extensions), (iii) in any current or future medium and for any number of
copies, and (iv) for any purpose whatsoever, including without limitation
commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
the Waiver for the benefit of each member of the public at large and to the
detriment of Affirmer's heirs and successors, fully intending that such Waiver
shall not be subject to revocation, rescission, cancellation, termination, or
any other legal or equitable action to disrupt the quiet enjoyment of the Work
by the public as contemplated by Affirmer's express Statement of Purpose.

3. Public License Fallback. Should any part of the Waiver for any reason be
judged legally invalid or ineffective under applicable law, then the Waiver
shall be preserved to the maximum extent permitted taking into account
Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
is so judged Affirmer hereby grants to each affected person a royalty-free,
non transferable, non sublicensable, non exclusive, irrevocable and
unconditional license to exercise Affirmer's Copyright and Related Rights in
the Work (i) in all territories worldwide, (ii) for the maximum duration
provided by applicable law or treaty (including future time extensions), (iii)
in any current or future medium and for any number of copies, and (iv) for any
purpose whatsoever, including without limitation commercial, advertising or
promotional purposes (the "License"). The License shall be deemed effective as
of the date CC0 was applied by Affirmer to the Work. Should any part of the
License for any reason be judged legally invalid or ineffective under
applicable law, such partial invalidity or ineffectiveness shall not
invalidate the remainder of the License, and in such case Affirmer hereby
affirms that he or she will not (i) exercise any of his or her remaining
Copyright and Related Rights in the Work or (ii) assert any associated claims
and causes of action with respect to the Work, in either case contrary to
Affirmer's express Statement of Purpose.

4. Limitations and Disclaimers.

  a. No trademark or patent rights held by Affirmer are waived, abandoned,
  surrendered, licensed or otherwise affected by this document.

  b. Affirmer offers the Work as-is and makes no representations or warranties
  of any kind concerning the Work, express, implied, statutory or otherwise,
  including without limitation warranties of title, merchantability, fitness
  for a particular purpose, non infringement, or the absence of latent or
  other defects, accuracy, or the present or absence of errors, whether or not
  discoverable, all to the greatest extent permissible under applicable law.

  c. Affirmer disclaims responsibility for clearing rights of other persons
  that may apply to the Work or any use thereof, including without limitation
  any person's Copyright and Related Rights in the Work. Further, Affirmer
  disclaims responsibility for obtaining any necessary consents, permissions
  or other rights required for any use of the Work.

  d. Affirmer understands and acknowledges that Creative Commons is not a
  party to this document and has no duty or obligation with respect to this
  CC0 or use of the Work.

For more information, please see

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Open Source Pentest Docs: Pitch

[![Build Status](https://travis-ci.org/OpenSourcePentest/pitch.svg?branch=master)](https://travis-ci.org/OpenSourcePentest/pitch)

The initial conversation slides and menu of scenarios

- Live Version: https://opensourcepentest.github.io/pitch/ (Automatically built and deployed on every commit)
- PDF-able Version: https://opensourcepentest.github.io/pitch/?print-pdf

## Reference Material:

- https://room362.com/post/2017/open-source-pentesting/

This project uses [asciidocs]() through the backend called [asciidoctor-reveal](https://github.com/asciidoctor/asciidoctor-reveal.js/).

If you need help with AsciiDoc syntax, refer to their user guide here: http://www.methods.co.nz/asciidoc/userguide.html

## Requirements to build

```
mubix@host:~$ gem install 'asciidoctor-revealjs'
```

## Building

1. Clone the repository

```
mubix@host:~$ git clone https://github.com/OpenSourcePentest/pitch
```

2. Change directory into the `pitch` directory and pull down Reveal.js into the `revealjs` directory

```
mubix@host:~$ cd pitch
mubix@host:~/pitch/$ git clone -b 3.5.0 --depth 1 https://github.com/hakimel/reveal.js.git revealjs
```

3. Build the `index.html`

```
mubix@host:~/pitch/$ asciidoctor-revealjs -o index.html index.adoc
```

That's it..

.. or you can cheat and just check out the version that Travis builds on every commit:

```
git clone -b gh-pages https://github.com/OpenSourcePentest/pitch.git
```

--------------------------------------------------------------------------------
/index.adoc:
--------------------------------------------------------------------------------
:revealjsdir: revealjs
:backend: revealjs
:revealjs_slideNumber: true
:revealjs_transition: convex
:revealjs_previewLinks: true

== Open Source Pentest Documents

Press 's' to show speaker notes...

https://github.com/OpenSourcePentest/pitch

=== !

This slide deck is intended to be edited and used in a pitch to a partner, client or customer and is released under the Creative Commons Zero v1.0 license.

Thank you to all the contributors that make these documents amazing.

[NOTE.speaker]
--
Please, use this pitch however you wish. If you have any questions or want to add something and can't figure out how please email me, mubix@hak5.org
--

== Agenda

1. Terminology
2. Mindset
3. Communications
4. Common Fears
5. Methodology
6. Scenarios
7. Addons

== Terminology

== What is Pentesting?

Engagement type that targets a computer, network or web application infrastructure for a company.

This type of engagement focuses on the **prevention** security layer. Finding, testing, classifying, and verifying vulnerabilities in the company's environment.

== What is Red Teaming?

Team-based engagements that include the IT, social, and physical verticals. This type of engagement focuses on all three layers of security defense: **prevention**, **detection**, and **response**. Findings focus on systemic, broad spectrum vulnerabilities in narrative format.

== Scenarios

== Breach Simulation

=== BS: Description

=== BS: Goals

== Black Box

=== BB: Description

=== BB: Goals

== Stolen Device

=== SD: Description

=== SD: Goals

== Opportunistic Attacker

(1 week)

=== OA: Description

* Loud (no stealth)
* Techniques
** Login brute forcing
** Fast / Large port range Nmap scanning
** Vuln scanning / Web vuln scanning
** SPAM style phishing
* Separating attack techniques by day for ease of identification

=== OA: Goals

* Identify IT security maturity level
* Test prevention security layer
** AV / HIPS
** Proxy services
** Web Application Firewalls
** SPAM / Phishing filters
* Active or Post-Engagement Detection just to see if capabilities are working and can see “loud” attacks

== External w/ Credentials

=== EW/C: Description

* Login Attempts
** Company web login interfaces
** VPN / Remote Access interfaces
** Email interfaces
** External / Cloud interfaces (Office365, Dropbox, Box, etc)
** External / Cloud infrastructure (AWS, Azure)
* Attempts to obtain code execution
** If obtained, post-exploitation is in-scope to better identify impact of scenario

=== EW/C: Goals

* Identify authentication leak risk to the enterprise via stolen, backdoored, or disgruntled employee
* Identify previously unknown authentication interfaces
* Test prevention security layer
** 2-Factor Authentication / Multi-Factor Authentication
* Test detection security layer
** Foreign / suspicious login identification / alerting


== Add-Ons

== CxO Breach Training

== Password Auditing

== Wireless

== Social Engineering

== Physical

== Egress Testing

== Detection Collaboration

== C2 Detection Exercise

== Rogue Device

== Table Top

== Vendor Proving Ground

--------------------------------------------------------------------------------
/reveal-js.LICENSE:
--------------------------------------------------------------------------------
Copyright (C) 2017 Hakim El Hattab, http://hakim.se, and reveal.js contributors

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
--------------------------------------------------------------------------------