ByteSnipers/awesome-pentest-cheat-sheets

Awesome Pentest Cheat Sheets

A collection of cheat sheets and checklists useful for security and pentesting. It contains a large list of sorted and selected resources that can save you a lot of time.

This repo is the updated version of awesome-pentest-cheat-sheets.

Contents

Contribution

Your contributions and suggestions are heartily welcome. Please check the Contributing Guidelines for more details.

Security Talks and Videos

General cheat sheets

Mobile Pentesting

  • Mobile App Pentest Cheat Sheet - Collection of resources on Apple & iOS Penetration Testing.
  • Mobexler - Customised virtual machine, designed to help in penetration testing of Android & iOS applications.

Android

Vulnerable Android Applications

Apple

Cloud Pentesting

Kubernetes

Kubernetes Pentest Methodology (CyberArk)

Azure

Active Directory

Pentest Methodology

Discovery

  • Google Dorks - Google Dorks Hacking Database (Exploit-DB).
  • Shodan - Shodan is a search engine for finding specific devices, and device types, that exist online.
  • ZoomEye - ZoomEye is a cyberspace search engine recording information on devices, websites, services, components, etc.
  • Amass - OWASP network mapping of attack surfaces and external asset discovery using open source information.
  • Censys - Similar to Shodan; a search engine for specific devices, including IoT.

Enumeration

Exploitation

Post-Exploitation

Privilege Escalation

Learn Privilege Escalation

  • Windows / Linux Local Privilege Escalation Workshop - The Privilege Escalation Workshop covers all known (at the time) attack vectors of local user privilege escalation on both Linux and Windows operating systems and includes slides, videos and test VMs.

Linux Privilege Escalation

  • Basic Linux Privilege Escalation - Linux Privilege Escalation by @g0tmi1k.
  • linux-exploit-suggester.sh - Linux privilege escalation auditing tool written in bash (updated).
  • Linux_Exploit_Suggester.pl - Linux Exploit Suggester written in Perl (last update 3 years ago).
  • Linux_Exploit_Suggester.pl v2 - Next-generation exploit suggester based on Linux_Exploit_Suggester (updated).
  • Linux Soft Exploit Suggester - Linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities.
  • checksec.sh - Bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source).
  • linuxprivchecker.py - This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits (@SecuritySift).
  • LinEnum - This tool is great at running through a heap of things you should check on a Linux system in the post-exploitation process. This includes file permissions, cron jobs if visible, weak credentials, etc. (@Rebootuser).
  • linPEAS - Linux Privilege Escalation Awesome Script. Check the Local Linux Privilege Escalation checklist from book.hacktricks.xyz.
  • MimiPenguin - A tool to dump the login password from the current Linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz.

Windows Privilege Escalation

  • PowerUp - Excellent PowerShell script for checking common Windows privilege escalation vectors. Written by harmj0y (direct link).
  • PowerUp Cheat Sheet
  • Windows Exploit Suggester - Tool for detecting missing security patches on the Windows operating system and mapping them to publicly available exploits.
  • Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
  • Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities.
  • Precompiled Windows Exploits - Collection of precompiled Windows exploits.
  • Metasploit Modules
    • post/multi/recon/local_exploit_suggester - suggests local meterpreter exploits that can be used.
    • post/windows/gather/enum_patches - helps to identify any missing patches.

Web Pentesting

Payloads

Labs

Binary Exploitation

Learning Platforms

Online

Off-Line

Bug Bounty

Free video courses

Podcasts

Other resources

Tools

Tools Online

Payloads

  • Fuzzdb - Dictionary of attack patterns and primitives for black-box application testing. Polyglot Challenge with submitted solutions.
  • SecLists - A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

Write-Ups

Wireless Hacking

Tools

  • wifite2 - Fully automated WiFi security testing script.

Defence Topics

Programming