High level attack and finding maps for all your penetration testing, hacking, bug bounty and red teaming needs! To be more specific, this is a collection of Finding/Vulnerability/Attack Path/Exploit Mind Maps meant to assist in more findings, better vulnerability chains and a clearer path of how and where to test, look and leverage what you're encountering during an engagement.
git clone https://github.com/GainSec/LunchBox
Or click through the repo via GitHub's GUI!
- Yellow is starting point
- Red is the Finding/Vulnerability/Exploit
- Any parenthesis are relevant parameters, or other information to note
A target and knowledge on how to leverage these finding maps
- Create seperate folders for each type of offensive cyber security engagement
- Create seperate view based on phase and step of each type of engagement
- Create seperate view based on what piece is targeted (For example: By Request Headers, By Response, By Parameter Fuzzing)
- Add a brief description, overview, note or other relevant information to each mind map finding
- Add a link to tool, wordlist, example or similar to each mind map finding
This project is licensed under the GNU License - see the LICENSE.md file for details
- TBD
- Navigate to where your testing is starting from such as unauthenticated
- Select Finding Map based on what you're seeing in the response or output
- Select Finding Map based on what your looking to find
- Select Finding Map based on what vulnerabilities you've already found in order to find ways to chain findings