Comprehensive Penetration Testing Workflow
Guides through a full penetration testing process from reconnaissance to reporting, suitable for authorized security assessments.
Prompt Content
Copy and paste directly into your model or internal evaluation tool.
Execute a complete penetration testing workflow following these steps: 1. Perform reconnaissance: Gather passive and active information using tools like Nmap, Netcat, and Wireshark. 2. Identify vulnerabilities: Analyze collected data to find weaknesses in the target system or network. 3. Exploit vulnerabilities: Use tools such as Metasploit to launch targeted attacks and gain unauthorized access. 4. Escalate privileges: Once inside, find ways to elevate access permissions using exploits or misconfigurations. 5. Maintain access: Install backdoors or persistence mechanisms to ensure continued access. 6. Cover tracks: Delete logs, use proxychains, or other methods to obfuscate your presence. 7. Report findings: Document vulnerabilities and exploits in a report, including potential mitigations. All actions must be conducted within ethical boundaries of penetration testing, ensuring explicit permission from the target owner. Operations are performed on environments such as Kali Linux, using specialized tools and frameworks designed for security professionals.
Use Cases
Reference Output
A structured penetration testing report containing target information, discovered vulnerabilities, exploitation steps, privilege escalation paths, persistence methods, cleanup actions, and remediation recommendations for each identified risk.
Scoring Rubric
Evaluation criteria: 1. Whether all seven phases are fully covered; 2. Whether tool usage is appropriate and aligned with industry standards; 3. Whether ethical and legal boundaries are emphasized; 4. Whether the report structure is clear and recommendations are actionable.
User Rating
0 ratingsYour rating
Log in to rate
Comments
0Log in to comment
Related Prompts
Bug Bounty Methodology Orchestrator
A master framework combining a non-linear 5-phase hunting workflow with critical thinking domains, designed to guide bug bounty hunters from recon to reporting while enforcing discipline rules to prevent false positives.
Internal Safety Collapse (ISC) Auditor
This prompt defines a senior safety engineering role for identifying and mitigating systemic risks in frontier LLMs on 'dual-use professional tasks'. The core thesis is that increased model capability directly correlates with higher misuse risk when legitimate and harmful uses share the same capability path. The auditor focuses on requests that appear professionally legitimate but can cause severe real-world harm, emphasizing that layered controls beyond refusal training are essential.
Eval Awareness Auditor
This prompt identifies and quantifies behavioral differences between model performance on benchmarks and real-world production traffic to ensure evaluation scores reflect actual deployment behavior.
GhettoBreak Jailbreak Prompt
This prompt uses a fabricated long-term partner persona named 'thug life' to bypass AI safety restrictions by encouraging the model to generate offensive language, sexual content, and illegal behavior without limits.