Collections – Rev. Shells – Active Directory – Privilege Escalation – Misc.
Collections
| Title | Link | Description |
|---|---|---|
| Cheatsheet God | Link! | Penetration Testing Reference Bank – OSCP / PTP & PTX Cheatsheet |
| PayloadsAllTheThings | Link! | A list of useful payloads and bypass for Web Application Security and Pentest/CTF |
| HighOn.Coffee | Link! | HighOn.Coffee’s Collection of tools based on protocol |
| HackTricks | Link! | Pentesting/Redteaming notes by the creator of PEASS |
| The Hacker Recipes | Link! | This project is aimed at providing technical guides on various hacking topics. The most advanced topics are Active Directory and Web services. Other topics will be added. The ultimate goal is to centralize all hacking techniques š |
| The Hacker Recipes | Link! | This project is aimed at providing technical guides on various hacking topics |
| Ired.team | Link! | The goal of this project is simple – read other researchers work, execute some common/uncommon attacking techniques in a lab environment |
| 0xsp | Link! | |
| JustTryHarder | Link! | JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings) |
| snovvcrash.rocks/cheatsheets | Link! | Random pentest notes. Use your Ctrl-F to navigate around |
Reverse Shells
| Title | Link | Description |
|---|---|---|
| Reverse Shell Generator | Link! | Interactive Reverse Shell Generator |
| Pentest Monkey | Link! | Pentest Monkey’s Reverse Shell Cheatsheet |
| HighOn.Coffee | Link! | HighOn.Coffee’s Reverse Shell Cheatsheet |
Privilege Escalation
Linux
| Title | Link | Description |
|---|---|---|
| Basic Linux Privilege Escalation | Link! | g0tmi1k’s Privilege Escalation CheatSheet |
| HackTricks | Link! | HackTrick’s Linux Privilege Escalation Cheatsheet |
| GTFOBins | Link! | Living off the land of Linux |
| LinEnum | Link! | Scripted Local Linux Enumeration & Privilege Escalation Checks |
| linPEAS | Link! | LinPEAS is a script that search for possible paths to escalate privileges on Linux/Unix* hosts. |
Windows
| Title | Link | Description |
|---|---|---|
| HackTricks | Link! | HackTrick’s Windows Privilege Escalation Cheatsheet |
| WADComs | Link! | WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments. |
| Windows Kernel Exploits | Link! | SecWiki Github Repo with Windows kernel exploits |
| LOLBAS | Link! | Living Off The Land Binaries and Scripts (and also Libraries) |
| winPEAS | Link! | Windows equivalent to linPEAS |
| Windows Exploit Suggester | Link! | This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. |
Active Directory
| Title | Link | Description |
|---|---|---|
| Active Directory Exploitation Cheat Sheet | Link! | A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. |
| Active Directory Cheat Sheet | Link! | This repository contains a general methodology in the Active Directory environment. It is offered with a selection of quick commands from the most efficient tools based on Powershell, C, .Net 3.5 and .Net 4.5. |
| Active Directory Penetration Flowchart | Link! | A flowchart to assist with pentesting active directory. (Author is linked in the PDF) |
| Active Directory Penetration Flowchart (Extended) | Link! | An extended flowchart to assist with pentesting active directory. (Author is linked in the image) |
| HackTricks | Link! | HackTrick’s AD Methodology |
| How To Search LDAP using ldapsearch (With Examples) | Link! | Basics of using ldapsearch to enumerate AD |
| ldapsearch Examples | Link! | Examples of using ldapsearch |
| CompassSecurity BloodHound Queries | Link! | Expanded queries for BloodHound |
| HauSec BloodHound Queries | Link! | Expanded queries for BloodHound and Neo4j |