Resource

CTF Starter Kit

Complete Notion template for CTF challenges and penetration testing enumeration.

About This Template

This is a comprehensive Notion template designed to streamline your workflow during CTF challenges and penetration testing engagements. Whether you're competing in a Capture The Flag event or conducting a professional pentest, this template provides a structured approach to documenting your enumeration, findings, and exploitation steps.

๐Ÿ’ก What's Included:

This Notion template comes pre-loaded with essential manual enumeration commands and checklists for:

  • Linux Systems - Privilege escalation paths, file permissions, cron jobs, SUID binaries, and more
  • Windows Systems - Registry enumeration, service misconfigurations, scheduled tasks, token privileges
  • Active Directory - Domain enumeration, user/group discovery, delegation abuse, Kerberoasting, and lateral movement techniques

How to Use

  1. Download the zip file below and extract it
  2. Open Notion and navigate to the workspace where you want to import the template
  3. Click on "Import" in the sidebar
  4. Select the extracted files and import them into your Notion workspace
  5. Customize the template to fit your workflow and start documenting your findings!

๐Ÿ“‹ Organized Structure

Pre-built sections for reconnaissance, enumeration, exploitation, privilege escalation, and post-exploitation phases.

โšก Quick Commands

Copy-paste ready enumeration commands for rapid assessment of target systems.

๐ŸŽฏ CTF-Focused

Structured workflow optimized for CTF competitions and learning environments.

๐Ÿ” Pentest Ready

Professional format suitable for real-world penetration testing engagements and reporting.

Download

CTF Enumeration Template (Notion)

Download this Notion template to streamline your CTF and penetration testing workflow.

โฌ‡ Download Template (ZIP)

File Verification Hashes

Verify the integrity of your download using these checksums:

MD5:
acfd3025ccc89b3bad7b7395be4d0fbf
SHA1:
d05ecf6846ba2641d1403b07c1662f9954458267
SHA256:
224647346666fb539cec0dced4cccc0e0646ff880fd9df628346aa84fa198069

๐Ÿ”’ Security Note:

Always verify downloaded files using the checksums above. Run md5sum, sha1sum, or sha256sum on the downloaded file and compare the output with the hashes listed above to ensure file integrity.

What's Inside

Linux Enumeration Commands

  • System information gathering (uname, hostname, kernel version)
  • User and group enumeration
  • Network configuration and active connections
  • Running processes and services
  • SUID/SGID binary discovery
  • Writable directories and files
  • Cron jobs and scheduled tasks
  • Installed packages and software versions

Windows Enumeration Commands

  • System information (systeminfo, OS version, architecture)
  • User privileges and group memberships
  • Network configuration and routing tables
  • Running services and unquoted service paths
  • Scheduled tasks enumeration
  • Registry key analysis
  • Installed software and patch levels
  • Token privileges and impersonation opportunities

Active Directory Enumeration

  • Domain controller identification
  • User and computer object enumeration
  • Group membership analysis
  • Trust relationships discovery
  • Service Principal Names (SPN) enumeration
  • Kerberoasting and AS-REP Roasting checks
  • Delegation abuse opportunities
  • BloodHound data collection commands

Support & Contributions

Found this template helpful? Have suggestions for improvements? Feel free to reach out or contribute additional enumeration commands and techniques. This is a living document that grows with the community.

Remember: Always use these tools and techniques ethically and only on systems you have explicit permission to test.