CTF Guides
Crypt0xDev edited this page Nov 2, 2025 · 1 revision
1. 🔍 Reconnaissance → Enum, OSINT, Port Scanning
2. 🚪 Identification → Services, Technologies, Versions
3. 🔓 Exploitation → Vulnerabilities, Payloads, RCE
4. 📈 Post-Exploitation → Persistence, Lateral Movement
5. 🏆 Privilege Escalation → Root/Administrator
6. 📝 Documentation → Detailed writeup

| Tool | Main Use | Basic Command |
|---|---|---|
| nmap | Port scanning | `nmap -sC -sV -oN scan.txt $IP` |
| gobuster | Directory enumeration | `gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/common.txt` |
| ffuf | Web fuzzing | `ffuf -w wordlist.txt -u http://$IP/FUZZ` |
| enum4linux | SMB enumeration | `enum4linux -a $IP` |

| Vulnerability | Tools | Common Payloads |
|---|---|---|
| SQL Injection | sqlmap, Burp | `' OR 1=1--`, `UNION SELECT` |
| XSS | XSSHunter, Burp | `<script>alert(1)</script>` |
| LFI/RFI | Manual, Burp | `../../../etc/passwd` |
| Command Injection | Manual | `;whoami`, `&& id` |

```bash
# 1. Initial Scan
nmap -sC -sV -oN initial.nmap $IP
# 2. Full Port Scan
nmap -p- -oN full.nmap $IP
# 3. Web Enumeration
gobuster dir -u http://$IP -w /opt/SecLists/Discovery/Web-Content/common.txt
```

```bash
# THM is usually more guided
nmap -sV $IP
gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/common.txt
```

```markdown
# [Platform] Machine/Challenge Name
## 📋 Information
- **Difficulty**: Easy/Medium/Hard
- **OS**: Linux/Windows/Web
- **Points**: X points
## 🔍 Reconnaissance
[Nmap scans, service enumeration]
## 🚪 Initial Access
[How you got the first shell]
## 📈 Privilege Escalation
[Path to root/administrator]
## 🏁 Flags
- **User**: `user_flag_here`
- **Root**: `root_flag_here`
## 💡 Lessons Learned
[What you learned from this machine]
```

```bash
# Useful aliases for CTFs
alias ll='ls -la'
alias scan='nmap -sC -sV -oN'
alias dirscan='gobuster dir -u'
```