awesome-pentest-cheat-sheets

Collection of cheat sheets useful for pentesting

Archived

GitHub

4k stars
181 watching
762 forks
last commit: 8 months ago
Linked from 8 awesome lists

Tags: awesome, cheatsheet, penetration-testing, pentest, pentest-cheat-sheets, security, security-cheat-sheets

Awesome Pentest Cheat Sheets / Security Talks and Videos

InfoCon - Hacking Conference Archive
Curated list of Security Talks and Videos 3,999 over 3 years ago

Awesome Pentest Cheat Sheets / General

Docker Cheat Sheet 22,082 3 months ago
Mobile App Pentest Cheat Sheet 4,546 8 months ago
OSX Command Line Cheat Sheet 28,834 about 3 years ago
PowerShell Cheat Sheet SANS PowerShell Cheat Sheet from SEC560 Course
Rawsec's CyberSecurity Inventory An open-source inventory of tools, resources, CTF platforms and Operating Systems about CyberSecurity.
Regexp Security Cheat Sheet 707 about 2 years ago
Security Cheat Sheets 22 over 7 years ago A collection of security cheat sheets
Unix / Linux Cheat Sheet

Awesome Pentest Cheat Sheets / Discovery

Google Dorks Google Dorks Hacking Database (Exploit-DB)
Shodan Shodan is a search engine for finding specific devices, and device types, that exist online
ZoomEye Zoomeye is a Cyberspace Search Engine recording information of devices, websites, services and components etc
Amass 11,840 11 days ago OWASP Network mapping of attack surfaces and external asset discovery using open source information

Awesome Pentest Cheat Sheets / Enumeration

enum4linux-ng 1,106 2 months ago Python tool for enumerating information from Windows/Samba systems

Awesome Pentest Cheat Sheets / Exploitation

Empire Cheat Sheet 1,028 almost 7 years ago is a PowerShell and Python post-exploitation framework
Exploit Development Cheat Sheet 's exploit development in one picture
Java Deserialization Cheat Sheet 3,019 over 1 year ago A cheat sheet for pentesters about Java Native Binary Deserialization vulnerabilities
Local File Inclusion (LFI) Cheat Sheet #1 Arr0way's LFI Cheat Sheet
Local File Inclusion (LFI) Cheat Sheet #2 Aptive's LFI Cheat Sheet
Metasploit Unleashed The ultimate guide to the Metasploit Framework
Metasploit Cheat Sheet A quick reference guide
PowerSploit Cheat Sheet 1,028 almost 7 years ago is a PowerShell post-exploitation framework
PowerView 2.0 Tricks
PowerView 3.0 Tricks
PHP htaccess Injection Cheat Sheet 813 6 months ago htaccess Injection Cheat Sheet by PHP Secure Configuration Checker
Reverse Shell Cheat Sheet #1 Pentestmonkey Reverse Shell Cheat Sheet
Reverse Shell Cheat Sheet #2 Arr0way's Reverse Shell Cheat Sheet
SQL Injection Cheat Sheet Netsparker's SQL Injection Cheat Sheet
SQLite3 Injection Cheat Sheet

Awesome Pentest Cheat Sheets / Privilege Escalation / Learn Privilege Escalation

Windows / Linux Local Privilege Escalation Workshop 1,848 almost 2 years ago The Privilege Escalation Workshop covers all known (at the time) attack vectors of local user privilege escalation on both Linux and Windows operating systems and includes slides, videos, test VMs

Awesome Pentest Cheat Sheets / Privilege Escalation / Linux Privilege Escalation

Basic Linux Privilege Escalation Linux Privilege Escalation by
linux-exploit-suggester.sh 5,565 8 months ago Linux privilege escalation auditing tool written in bash (updated)
Linux_Exploit_Suggester.pl 1,774 over 10 years ago Linux Exploit Suggester written in Perl (last update 3 years ago)
Linux_Exploit_Suggester.pl v2 1,840 over 1 year ago Next-generation exploit suggester based on Linux_Exploit_Suggester (updated)
Linux Soft Exploit Suggester 221 over 1 year ago linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities
checksec.sh 1,995 about 1 month ago bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source)
linuxprivchecker.py This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits (@SecuritySift)
LinEnum 6,948 about 1 year ago This tool is great at running through a heap of things you should check on a Linux system in the post-exploit process. This includes file permissions, cron jobs if visible, weak credentials etc. (@Rebootuser)
linPEAS 15,792 11 days ago LinPEAS - Linux Privilege Escalation Awesome Script. Check the Local Linux Privilege Escalation checklist from
MimiPenguin 3,794 over 1 year ago A tool to dump the login password from the current Linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz

Awesome Pentest Cheat Sheets / Privilege Escalation / Windows Privilege Escalation

PowerUp 11,812 about 4 years ago Excellent PowerShell script for checking common Windows privilege escalation vectors. Written by
PowerUp Cheat Sheet 1,028 almost 7 years ago
Windows Exploit Suggester 3,940 over 1 year ago Tool for detecting missing security patches on the Windows operating system and mapping them to publicly available exploits
Sherlock 1,876 almost 6 years ago PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities
Watson 1,538 almost 4 years ago Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
Precompiled Windows Exploits 1,821 about 4 years ago Collection of precompiled Windows exploits
Metasploit Modules 33,868 3 days ago

Awesome Pentest Cheat Sheets / Tools

Nmap Cheat Sheet
SQLmap Cheat Sheet
SQLmap Tamper Scripts SQLmap Tamper Scripts General/MSSQL/MySQL
VIM Cheatsheet
Wireshark Display Filters Filters for the best sniffing tool

Tools Online

XSS'OR Encoder/Decoder Online Decoder/Encoder for testing purposes (@evilcos)
WebGun WebGun, XSS Payload Creator (@brutelogic)
Hackvertor Tool to convert various encodings and generate attack vectors (@garethheyes)
JSFiddle Test and share XSS payloads,

Tools Online / Payloads / General

Fuzzdb 8,160 11 months ago Dictionary of attack patterns and primitives for black-box application testing Polyglot Challenge with submitted solutions
SecList 57,163 5 days ago A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more

Tools Online / Payloads / XSS

XSS Polyglot Payloads #1 1,941 almost 2 years ago Unleashing an Ultimate XSS Polyglot list by 0xsobky
XSS Polyglot Payloads #2 's XSS
Browser's-XSS-Filter-Bypass-Cheat-Sheet 1,107 over 7 years ago Excellent List of working XSS bypasses running on the latest version of Chrome / Safari, IE 11 / Edge created by Masato Kinugawa

Tools Online / Write-Ups

Bug Bounty Reference 3,710 2 months ago Huge list of bug bounty write-ups categorized by bug type (SQLi, XSS, IDOR, etc.)
Write-Ups for CTF challenges
Facebook Bug Bounties Categorized Facebook Bug Bounties write-ups

Tools Online / Learning Platforms / Online

Hack The Box :: Penetration Testing Labs
OWASP Vulnerable Web Applications Directory Project (Online) List of online available vulnerable applications for learning purposes
Pentestit labs Hands-on Pentesting Labs (OSCP style)
Root-me.org Hundreds of challenges are available to train yourself in different and not simulated environments
Vulnhub.com Vulnerable By Design VMs for practical 'hands-on' experience in digital security

Tools Online / Learning Platforms / Off-Line

Damn Vulnerable Xebia Training Environment 102 over 2 years ago Docker container including several vulnerable web applications (DVWA, DVWServices, DVWSockets, WebGoat, Juiceshop, Railsgoat, django.NV, Buggy Bank, Mutillidae II and more)
OWASP Vulnerable Web Applications Directory Project (Offline) List of offline available vulnerable applications for learning purposes
Vulnerable SOAP Web Service a vulnerable SOAP web service lab environment
Vulnerable Flask Web App vulnerable Flask Web App lab environment

Tools Online / Wireless Hacking / Tools

wifite2 29 almost 8 years ago Fully automated WiFi security testing script

Tools Online / Defence Topics

Docker Security Cheat Sheet The following tips should help you to secure a container based system
Windows Domain Hardening 1,738 over 4 years ago A curated list of awesome Security Hardening techniques for Windows

Tools Online / Programming

JavaScript Cheat Sheet 6,699 almost 2 years ago Learn javascript in one picture
Python Cheat Sheet #1 16 about 9 years ago Learn python3 in one picture
Python Cheat Sheet #2 4,970 over 2 years ago Learn python3 in one picture
Python Snippets Cheat Sheet List of helpful re-usable code snippets in Python
