Red Team (Offense)


This section will contain training/notes on these topics:

  • Penetration Testing Techniques
  • WebApp Penetration Testing Techniques
  • Vulnhub Practice

NOTE: I will not explain the basics in this section at all. If you are having trouble following along, please reference back to the InfoSec Core Concepts section.

What is Red Team (Offense)?

According to DoDD 8570.1, a Red Team is: “An independent, focused threat-based effort by an interdisciplinary, simulated adversary to expose and exploit vulnerabilities to improve IS security posture.”

Penetration Testing Techniques


Web App Penetration Testing Techniques


Vulnhub Practice

VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

My first CTF: Sectalks-bne0x03:

VM is available at:,141/

Here is the documented process of how I cracked this box and found the flag:

The tools I utilized for this VM were:

  1. NMAP –
  2. Nikto –
  3. Dirb –
  4. Burp-Suite –