Pentest CheatSheet

Vues : 533

2 min read

Pentest Tips & Tricks :

https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/


Reverse shell generator :

https://www.revshells.com/


Name That Hash :

The Modern Hash Identification System

https://nth.skerritt.blog/


Web Application Penetration Testing Checklist :

https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6

https://r3surr3c7.gitbook.io/notes/web-pentesting-checklist

https://pentestbook.six2dez.com/others/web-checklist


XSS Cheat Sheet :

https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

https://0xhorizon.eu/cheat-sheet/xss/

https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting

https://netsec.expert/posts/xss-in-2021/

https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html


OFFENSIVE SECURITY CHEATSHEET :

https://cheatsheet.haax.fr/


Useful one liners :

https://gist.github.com/johnnypea/b0cd77e5734d65691fa21d93274b305b


Explainshell :

write down a command-line to see the help text that matches each argument.

https://explainshell.com/


CTF Cheatsheet :

https://github.com/Rajchowdhury420/CTF-CheatSheet


All About OSCP :

https://oscp.infosecsanyam.in/


OWASP Cheatsheet :

https://cheatsheetseries.owasp.org/


Security Knowledge Base :

http://github.sofianehamlaoui.fr/Security-Cheatsheets/


Privilege Escalation Windows :

https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html

https://lolbas-project.github.io/

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md

https://book.hacktricks.xyz/windows/windows-local-privilege-escalation


CyberChef :

The Cyber Swiss Army Knife – a web app for encryption, encoding, compression and data analysis.

https://gchq.github.io/CyberChef/


Aperi’Solve :

Aperi’Solve is an online platform which performs layer analysis on image.

https://aperisolve.fr/


XOR Calculator :

Calculate the exclusive or (XOR) with a simple web-based calculator. Input and output in binary, decimal, hexadecimal or ASCII.

http://xor.pw/


Hackitude :

https://www.hackitude.in/


GTFOBINS :

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

https://gtfobins.github.io/


OSCP-CHEATSHEET :

https://github.com/Swafox/OSCP/blob/master/oscp-cheatsheet.md


HackTricks :

https://book.hacktricks.xyz/


Bug Bounty Cheatsheet :

https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html


Payloads All The Things :

A list of useful payloads and bypass for Web Application Security and Pentest/CTF.

https://github.com/swisskyrepo/PayloadsAllTheThings


All about bug bounty :

https://github.com/daffainfo/AllAboutBugBounty


Awesome Pentest Cheat Sheets :

A collection of awesome penetration testing resources, tools and other shiny things.

https://github.com/coreb1t/awesome-pentest-cheat-sheets


Active Directory attack cheat sheet :

https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference/


Active Directory Enumeration :

https://www.hackingarticles.in/active-directory-enumeration-powerview/


Red Teaming Experiments :

https://www.ired.team/


OSINT-FR | Tools to begin in Open Source Intelligence :

https://osintfr.com/en/tools/


Windows Enumeration :

https://nored0x.github.io/red-teaming/windows-enumeration/


Hacking Tools Cheat Sheet :