DIABLO
PENTESTING ยท HACKING ยท REPORTING
๐Ÿ““ Playbooks

Operational Playbooks for Diablo Runs

Ready-made flows you can adapt on the fly. Each phase highlights quick wins, safety checks, and reporting hooks so your runs stay auditable.

Return to main usage guide
๐Ÿ” Recon

Discovery & Scoping

Start lean. Prioritize targets, document approvals, and keep traffic low-noise before deep enumeration.

Network Sweep

Map what answers, then decide whether to pivot deeper.

  • Define in-scope subnets and assets.
  • Low-and-slow ping/ARP discovery first.
  • Pause if rate limits or SOC alerts fire.

Service Fingerprinting

Capture banners and TLS quickly so you can sort findings.

  • Enumerate open ports and versions.
  • Tag crown-jewel services (auth, data, control).
  • Record timing so retries are consistent.
๐Ÿ› ๏ธ Access & Escalation

Exploit with Guardrails

Move with intent: validate every exploit, snapshot state, and prep your rollback path before escalating.

Initial Access

Keep first touch reversible and logged.

  • Exploit selection mapped to CVEs and scope.
  • Artifacts and payloads stored per-target.
  • Immediate rollback (service restart or restore point).

Privilege Escalation

Escalate safely with minimal persistence.

  • Log commands and hash artifacts.
  • Check defenders' telemetry before loud actions.
  • Restore configs after testing persistence.
๐Ÿ“ค Reporting Hooks

Close the Loop

Tie every action back to evidence so the final Markdown report is repeatable and concise.

Evidence Pack

  • Screenshots, command logs, and hashes per finding.
  • Environment notes (time, host, IP, creds).
  • Countermeasure ideas listed next to impact.

Cleanup & Handoff

  • Stopped shells, removed test users, restored configs.
  • Documented what was left intentionally (e.g., test accounts).
  • Shared remediation sequence with owners.