awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
Archived
4k stars
182 watching
762 forks
last commit: 8 months ago
Linked from 8 awesome lists
awesomecheatsheetpenetration-testingpentestpentest-cheat-sheetssecuritysecurity-cheat-sheets
Awesome Pentest Cheat Sheets / Security Talks and Videos | |||
InfoCon - Hacking Conference Archive | |||
Curated list of Security Talks and Videos | 4,004 | over 3 years ago | |
Awesome Pentest Cheat Sheets / General | |||
Docker Cheat Sheet | 22,103 | 3 months ago | |
Mobile App Pentest Cheat Sheet | 4,561 | 8 months ago | |
OSX Command Line Cheat Sheet | 28,853 | about 3 years ago | |
PowerShell Cheat Sheet | SANS PowerShell Cheat Sheet from SEC560 Course | ||
Rawsec's CyberSecurity Inventory | An open-source inventory of tools, resources, CTF platforms and Operating Systems about CyberSecurity. ( ) | ||
Regexp Security Cheat Sheet | 707 | about 2 years ago | |
Security Cheat Sheets | 22 | almost 8 years ago | A collection of security cheat sheets |
Unix / Linux Cheat Sheet | |||
Awesome Pentest Cheat Sheets / Discovery | |||
Google Dorks | Google Dorks Hacking Database (Exploit-DB) | ||
Shodan | Shodan is a search engine for finding specific devices, and device types, that exist online | ||
ZoomEye | Zoomeye is a Cyberspace Search Engine recording information of devices, websites, services and components etc | ||
Amass | 11,907 | 19 days ago | OWASP Network mapping of attack surfaces and external asset discovery using open source information |
Awesome Pentest Cheat Sheets / Enumeration | |||
enum4linux-ng | 1,129 | 3 months ago | Python tool for enumerating information from Windows/Samba systems |
Awesome Pentest Cheat Sheets / Exploitation | |||
Empire Cheat Sheet | 1,033 | almost 7 years ago | is a PowerShell and Python post-exploitation framework |
Exploit Development Cheat Sheet | 's exploit development in one picture | ||
Java Deserialization Cheat Sheet | 3,022 | over 1 year ago | A cheat sheet for pentesters about Java Native Binary Deserialization vulnerabilities |
Local File Inclusion (LFI) Cheat Sheet #1 | Arr0way's LFI Cheat Sheet | ||
Local File Inclusion (LFI) Cheat Sheet #2 | Aptive's LFI Cheat Sheet | ||
Metasploit Unleashed | The ultimate guide to the Metasploit Framework | ||
Metasploit Cheat Sheet | A quick reference guide | ||
PowerSploit Cheat Sheet | 1,033 | almost 7 years ago | is a powershell post-exploitation framework |
PowerView 2.0 Tricks | |||
PowerView 3.0 Tricks | |||
PHP htaccess Injection Cheat Sheet | 813 | 6 months ago | htaccess Injection Cheat Sheet by PHP Secure Configuration Checker |
Reverse Shell Cheat Sheet #1 | Pentestmonkey Reverse Shell Cheat Sheet | ||
Reverse Shell Cheat Sheet #2 | Arr0way's Reverse Shell Cheat Sheet | ||
SQL Injection Cheat Sheet | Netsparker's SQL Injection Cheat Sheet | ||
SQLite3 Injection Cheat Sheet | |||
Awesome Pentest Cheat Sheets / Privilege Escalation / Learn Privilege Escalation | |||
Windows / Linux Local Privilege Escalation Workshop | 1,853 | about 2 years ago | The Privilege Escalation Workshop covers all known (at the time) attack vectors of local user privilege escalation on both Linux and Windows operating systems and includes slides, videos, test VMs |
Awesome Pentest Cheat Sheets / Privilege Escalation / Linux Privilege Escalation | |||
Basic Linux Privilege Escalation | Linux Privilege Escalation by | ||
linux-exploit-suggester.sh | 5,588 | 8 months ago | Linux privilege escalation auditing tool written in bash (updated) |
Linux_Exploit_Suggester.pl | 1,777 | over 10 years ago | Linux Exploit Suggester written in Perl (last update 3 years ago) |
Linux_Exploit_Suggester.pl v2 | 1,845 | over 1 year ago | Next-generation exploit suggester based on Linux_Exploit_Suggester (updated) |
Linux Soft Exploit Suggester | 222 | over 1 year ago | linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities |
checksec.sh | 2,008 | 12 days ago | bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source) |
linuxprivchecker.py | This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits (@SecuritySift) | ||
LinEnum | 6,969 | about 1 year ago | This tool is great at running through a heap of things you should check on a Linux system in the post exploit process. This include file permissions, cron jobs if visible, weak credentials etc.(@Rebootuser) |
linPEAS | 15,874 | 5 days ago | LinPEAS - Linux Privilege Escalation Awesome Script. Check the Local Linux Privilege Escalation checklist from |
MimiPenguin | 3,801 | over 1 year ago | A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz |
Awesome Pentest Cheat Sheets / Privilege Escalation / Windows Privilege Escalation | |||
PowerUp | 11,812 | about 4 years ago | Excellent powershell script for checking of common Windows privilege escalation vectors. Written by |
PowerUp Cheat Sheet | 1,033 | almost 7 years ago | |
Windows Exploit Suggester | 3,945 | over 1 year ago | Tool for detection of missing security patches on the windows operating system and mapping with the public available exploits |
Sherlock | 1,882 | about 6 years ago | PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities |
Watson | 1,543 | almost 4 years ago | Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities |
Precompiled Windows Exploits | 1,821 | about 4 years ago | Collection of precompiled Windows exploits |
Metasploit Modules | 33,868 | 10 days ago | |
Awesome Pentest Cheat Sheets / Tools | |||
Nmap Cheat Sheet | |||
SQLmap Cheat Sheet | |||
SQLmap Tamper Scripts | SQLmap Tamper Scripts General/MSSQL/MySQL | ||
VIM Cheatsheet | |||
Wireshark Display Filters | Filters for the best sniffing tool | ||
Tools Online | |||
XSS'OR Encoder/Decoder | Online Decoder/Encoder for testing purposes (@evilcos) | ||
WebGun | WebGun, XSS Payload Creator (@brutelogic) | ||
Hackvertor | Tool to convert various encodings and generate attack vectors (@garethheyes) | ||
JSFiddle | Test and share XSS payloads, | ||
Tools Online / Payloads / Genaral | |||
Fuzzdb | 8,182 | 11 months ago | Dictionary of attack patterns and primitives for black-box application testing Polyglot Challenge with submitted solutions |
SecList | 57,163 | 12 days ago | A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more |
Tools Online / Payloads / XSS | |||
XSS Polyglot Payloads #1 | 1,941 | about 2 years ago | Unleashing an Ultimate XSS Polyglot list by 0xsobky |
XSS Polyglot Payloads #2 | 's XSS | ||
Browser's-XSS-Filter-Bypass-Cheat-Sheet | 1,109 | over 7 years ago | Excellent List of working XSS bypasses running on the latest version of Chrome / Safari, IE 11 / Edge created by Masato Kinugawa |
Tools Online / Write-Ups | |||
Bug Bounty Reference | 3,723 | 2 months ago | huge list of bug bounty write-up that is categorized by the bug type (SQLi, XSS, IDOR, etc.) |
Write-Ups for CTF challenges | |||
Facebook Bug Bounties | Categorized Facebook Bug Bounties write-ups | ||
Tools Online / Learning Platforms / Online | |||
Hack The Box :: Penetration Testing Labs | |||
OWASP Vulnerable Web Applications Directory Project (Online) | List of online available vulnerable applications for learning purposes | ||
Pentestit labs | Hands-on Pentesting Labs (OSCP style) | ||
Root-me.org | Hundreds of challenges are available to train yourself in different and not simulated environments | ||
Vulnhub.com | Vulnerable By Design VMs for practical 'hands-on' experience in digital security | ||
Tools Online / Learning Platforms / Off-Line | |||
Damn Vulnerable Xebia Training Environment | 102 | over 2 years ago | Docker Container including several vurnerable web applications (DVWA,DVWServices, DVWSockets, WebGoat, Juiceshop, Railsgoat, django.NV, Buggy Bank, Mutilidae II and more) |
OWASP Vulnerable Web Applications Directory Project (Offline) | List of offline available vulnerable applications for learning purposes | ||
Vulnerable SOAP Web Service | a vulnerable SOAP web service lab environment | ||
Vulnerable Flask Web App | vulnerable Flask Web App lab environment | ||
Tools Online / Wireless Hacking / Tools | |||
wifite2 | 29 | almost 8 years ago | Full automated WiFi security testing script |
Tools Online / Defence Topics | |||
Docker Security Cheat Sheet | The following tips should help you to secure a container based system | ||
Windows Domain Hardening | 1,738 | almost 5 years ago | A curated list of awesome Security Hardening techniques for Windows |
Tools Online / Programming | |||
JavaScript Cheat Sheet | 6,698 | almost 2 years ago | Learn javascript in one picture |
Python Cheat Sheet #1 | 16 | about 9 years ago | Learn python3 in one picture |
Python Cheat Sheet #2 | 4,975 | over 2 years ago | Learn python3 in one picture |
Python Snippets Cheat Sheet | List of helpful re-usable code snippets in Python |