Skip to content

All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester

Notifications You must be signed in to change notification settings

lucthienphong1120/AIO-Pentesting

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AIO-Pentesting

All in one Pentest methodologies - Tools and commands

Where compiled all common materials for pentester

⭐ If you feel it helpful, please contribute, otherwise start it! ⭐

In this material, I will divide it into 2 phases and an overview is listed after below:

Useful documents

CVE Databases

  1. NVD (National Vulnerability Database)
  2. Exploit-DB
  3. CVE MITRE

OS binaries libraries

  1. GTFOBins of Unix binaries
  2. LOLBAS of Windows binaries

Build-in shell & wordlist

tree /usr/share/webshells/
├── asp
│   ├── cmd-asp-5.1.asp
│   └── cmdasp.asp
├── aspx
│   └── cmdasp.aspx
├── cfm
│   └── cfexec.cfm
├── jsp
│   ├── cmdjsp.jsp
│   └── jsp-reverse.jsp
├── laudanum -> /usr/share/laudanum
├── perl
│   ├── perlcmd.cgi
│   └── perl-reverse-shell.pl
└── php
    ├── findsocket
    │   ├── findsock.c
    │   └── php-findsock-shell.php
    ├── php-backdoor.php
    ├── php-reverse-shell.php
    ├── qsd-php-backdoor.php
    └── simple-backdoor.php
tree /usr/share/wordlists/
├── dirb -> /usr/share/dirb/wordlists
├── dirbuster -> /usr/share/dirbuster/wordlists
├── dnsmap.txt -> /usr/share/dnsmap/wordlist_TLAs.txt
├── fasttrack.txt -> /usr/share/set/src/fasttrack/wordlist.txt
├── fern-wifi -> /usr/share/fern-wifi-cracker/extras/wordlists
├── metasploit -> /usr/share/metasploit-framework/data/wordlists
├── nmap.lst -> /usr/share/nmap/nselib/data/passwords.lst
├── rockyou.txt
└── wfuzz -> /usr/share/wfuzz/wordlist