Evaluate your ability to gather information about a target using both passive and active techniques.
Covers key network reconnaissance topics such as identifying IP ranges and subnets, performing subdomain enumeration, and listing publicly exposed services.
Engage in interactive scanning using tools like Nmap to discover open ports, detect operating systems, and identify running services across TCP and UDP.
Use tools such as Nmap, dig, WHOIS, and others to enumerate infrastructure. Demonstrate practical knowledge in banner grabbing, DNS analysis, and service enumeration (among others) to build a solid attack surface map.
Assess your knowledge of common web application vulnerabilities and your ability to exploit and report them.
Focus on the OWASP Top 10, including practical scenarios involving SQL Injection, Cross-Site Scripting (XSS), IDOR, SSRF, and more.
Use THM's Attackbox or tools like Burp Suite and browser-based testing to identify and manually exploit input validation flaws, broken access control, and file upload issues.
Demonstrate the ability to bypass basic client-side controls, such as JavaScript restrictions or UI-based limitations, to manipulate application behavior or gain unauthorized access.