I am currently in the learning process,
I have grasped a few basics of general pentesting,
using stuff like burpsuite to intecept, nmap to enumerate, nikto dirbuster,
The general idea behind enumerating data is grasped for the most part for me, however once that part is done, i end up stuck,
Anyone can share their tips, as to how to upload payloads to
a machine , once the Information gathering is done ?
Which is important to look for, during the Information gathering process,
to then end up using msfvenom, msfconsole, reverse shells, etc (to get user / root)
The main problem is probably, How do you recognise, how is the system vulnerable to one particular technique, and then how to apply that.
I’ve seen a few techniques already, but it seems like there are A TON of them
Any tips, maybe common examples to look out for, would be appreciated !