Pentest Mindset

The 3-Layer Question

At every foothold, answer these three:

1. What am I running on? (OS, version, role)
2. What can I talk to? (network, services, protocols)
3. Who am I? (user context, privileges, group memberships)

Triage Speed Rule

Spend ≤10 min on a rabbit hole before pivoting. If enumeration stalls, switch dimensions.

• Stuck on web? Try SMB, RPC, LDAP
• No creds? Try null sessions, AS-REP roasting, OSINT

Mindset

• Enumerate before exploiting: always
• Take notes as you go, not after
• If something feels like a rabbit hole, it probably is
• Think about what the box maker wants you to find