Pentest Tips & Tricks :
https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
https://github.com/Voorivex/pentest-guide
https://github.com/coreb1t/awesome-pentest-cheat-sheets
https://github.com/ahmetgurel/Pentest-Hints
Reverse shell generator :
Name That Hash :
The Modern Hash Identification System
Web Application Penetration Testing Checklist :
https://r3surr3c7.gitbook.io/notes/web-pentesting-checklist
https://pentestbook.six2dez.com/others/web-checklist
https://thackamura.github.io/web-checklist/
API-Security-Checklist :
https://github.com/shieldfy/API-Security-Checklist
WADComs :
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
XSS Cheat Sheet :
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
https://hackersonlineclub.com/cross-site-scripting-xss/
https://0xhorizon.eu/cheat-sheet/xss/
https://kipalog.com/posts/Some-XSS-payload
https://chawdamrunal.medium.com/xss-cheat-sheet-e8b8261963c9
https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting
https://netsec.expert/posts/xss-in-2021/
https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
SQL Injection CheatSheet :
https://www.hackingloops.com/sql-injection-cheat-sheet/
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
https://admiralgaust.github.io/SQL-Injection-cheat-sheet/
https://cybr.com/ethical-hacking-archives/sqlmap-cheat-sheets-to-help-you-find-sql-injections/
https://www.interviewbit.com/sql-injection-cheat-sheet/
https://brightsec.com/blog/sql-injection-payloads/
https://owasp.org/www-community/attacks/SQL_Injection_Bypassing_WAF
OFFENSIVE SECURITY CHEATSHEET :
Useful one liners :
https://gist.github.com/johnnypea/b0cd77e5734d65691fa21d93274b305b
Explainshell :
Write down a command line to see the help text that matches each argument.
CTF Cheatsheet :
https://github.com/Rajchowdhury420/CTF-CheatSheet
https://github.com/sl4x0/Web-CTF-Cheatsheet
All About OSCP :
https://oscp.infosecsanyam.in/
OWASP Cheatsheet :
https://cheatsheetseries.owasp.org/
Security Knowledge Base :
http://github.sofianehamlaoui.fr/Security-Cheatsheets/
Privilege Escalation Windows :
https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html
https://lolbas-project.github.io/
https://book.hacktricks.xyz/windows/windows-local-privilege-escalation
CyberChef :
The Cyber Swiss Army Knife – a web app for encryption, encoding, compression and data analysis.
https://gchq.github.io/CyberChef/
Aperi’Solve :
Aperi’Solve is an online platform which performs layer analysis on images.
XOR Calculator :
Calculate the exclusive or (XOR) with a simple web-based calculator. Input and output in binary, decimal, hexadecimal or ASCII.
Hackitude :
GTFOBINS :
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
OSCP-CHEATSHEET :
https://github.com/Swafox/OSCP/blob/master/oscp-cheatsheet.md
HackTricks :
Bug Bounty Cheatsheet/Tools/Templates :
https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html
https://github.com/EdOverflow/bugbounty-cheatsheet
https://taksec.github.io/google-dorks-bug-bounty/
https://github.com/topscoder/nuclei-wordfence-cve
https://github.com/daffainfo/AllAboutBugBounty
Payloads All The Things :
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF.
https://github.com/swisskyrepo/PayloadsAllTheThings
Active Directory attack cheat sheet :
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
Active Directory Enumeration :
https://www.hackingarticles.in/active-directory-enumeration-powerview/
Red Teaming Experiments :
OSINT-FR | Tools to begin in Open Source Intelligence :
Windows Enumeration :
https://nored0x.github.io/red-teaming/windows-enumeration/
Hacking Tools Cheat Sheet :