Skip to content

Latest commit

 

History

History
120 lines (85 loc) · 9.35 KB

README.md

File metadata and controls

120 lines (85 loc) · 9.35 KB

Awesome Pentest Cheat Sheets Awesome

Collection of cheat sheets useful for pentesting

Contribution

Your contributions and suggestions are heartily welcome. Please check the Contributing Guidelines for more details.

General

Discovery

  • Google Dorks - Google Dorks Hacking Database (Exploit-DB)
  • Shodan - Shodan is a search engine for finding specific devices, and device types, that exist online

Exploitation

Privilege Escalation

Linux Privilege Escalation

Windows Privilege Escalation

  • PowerUp - Excellent powershell script for checking of common Windows privilege escalation vectors. Written by harmj0y
  • Windows Exploit Suggester - Tool for detection of missing security patches on the windows operating system and mapping with the public available exploits
  • Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities
  • Precompiled Windows Exploits - Collection of precompiled Windows exploits
  • Metasploit Modules
    • post/multi/recon/local_exploit_suggester - suggests local meterpreter exploits that can be used
    • post/windows/gather/enum_patches - helps to identify any missing patches

Tools

Tools Online

Payloads

Genaral

  • Fuzzdb - Dictionary of attack patterns and primitives for black-box application testing Polyglot Challenge with submitted solutions
  • SecList - A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more

XSS

Write-Ups

Learning Platforms

Online

Off-Line

Wireless Hacking

Tools

  • wifite2 - Full authomated WiFi security testing script

Defence Topics

Programming