# Vulnerabilities Checklist

* [ ] Default Web Page (Low)
* [ ] Server Header Info Disclosure (Low) - only on web assessments
  * [ ] `curl --head <ip>`
    * [ ] ETag?
  * [ ] nikto, e.g.
    * [ ] \+ The anti-clickjacking X-Frame-Options header is not present.
    * [ ] \+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
    * [ ] \+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type<br>
* [ ] Default 404 Info Disclosure (Low)
* [ ] Weak Ciphers
  * [ ] `nmap --script=ssl-enum-ciphers -p 443 <ip>`
  * [ ] note the least strength cipher
* [ ] bruteforce attack on SSH at some point to make sure their SIM catches it
* [ ] Check SMB for anonymous login
* [ ] GPP cPassword (Groups.xml)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://wiki.zacheller.dev/pentest/untitled.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.