├── docs
│   ├── js-in-one-pic.png
│   ├── py3-in-one-pic.png
│   ├── DockerCheatSheet.pdf
│   ├── python-3-in-one-pic.png
│   ├── Metasploit-CheatSheet.pdf
│   ├── Metasploit-CheatSheet.png
│   ├── PowerShellCheatSheet_v41.pdf
│   ├── Wireshark_Display_Filters.pdf
│   ├── sqlmap-cheatsheet-1.0-SDB.pdf
│   ├── pentest-exploit-dev-cheatsheet.jpg
│   ├── nmap.md
│   ├── python-snippets.md
│   └── shodan.md
├── .travis.yml
├── images
│   ├── Windows.svg
│   └── linux.svg
├── .github
│   └── CONTRIBUTING.md
├── LICENSE
└── README.md

--------------------------------------------------------------------------------
/docs/js-in-one-pic.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/js-in-one-pic.png

--------------------------------------------------------------------------------
/docs/py3-in-one-pic.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/py3-in-one-pic.png

--------------------------------------------------------------------------------
/docs/DockerCheatSheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/DockerCheatSheet.pdf

--------------------------------------------------------------------------------
/docs/python-3-in-one-pic.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/python-3-in-one-pic.png

--------------------------------------------------------------------------------
/docs/Metasploit-CheatSheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/Metasploit-CheatSheet.pdf

--------------------------------------------------------------------------------
/docs/Metasploit-CheatSheet.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/Metasploit-CheatSheet.png

--------------------------------------------------------------------------------
/docs/PowerShellCheatSheet_v41.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/PowerShellCheatSheet_v41.pdf

--------------------------------------------------------------------------------
/docs/Wireshark_Display_Filters.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/Wireshark_Display_Filters.pdf

--------------------------------------------------------------------------------
/docs/sqlmap-cheatsheet-1.0-SDB.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/sqlmap-cheatsheet-1.0-SDB.pdf

--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
language: ruby
rvm:
  - 2.2
before_script:
  - gem install awesome_bot
script:
  - awesome_bot README.md --allow-redirect

--------------------------------------------------------------------------------
/docs/pentest-exploit-dev-cheatsheet.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ByteSnipers/awesome-pentest-cheat-sheets/HEAD/docs/pentest-exploit-dev-cheatsheet.jpg

--------------------------------------------------------------------------------
/docs/nmap.md:
--------------------------------------------------------------------------------
# Nmap Cheat Sheet

Replace `<target>` with a hostname, IP address or CIDR range. Add `-oX <file>` (or `-oX -` for stdout) to keep the results as XML for later processing.

## DNS Brute Force

```
nmap -p 80 --script dns-brute <domain>
```

`dns-brute` guesses subdomains of the target domain, so it needs a domain name rather than a bare IP.

## Find virtual hosts on an IP address

```
nmap -p 80 --script hostmap-bfk <target>
```

`hostmap-bfk` queried the bfk.de DNS logger, a third-party service that has since shut down. Check which hostmap scripts your installation ships (`ls /usr/share/nmap/scripts/hostmap-*`) and use `hostmap-robtex` for the same reverse IP-to-hostname lookup.

## Traceroute Geolocation

```
sudo nmap -p 80 --traceroute --script traceroute-geolocation <target>
```

`--traceroute` needs raw-socket privileges, hence `sudo`; the script then geolocates each hop Nmap recorded.

## HTTP Scripts

+ ### HTTP Enum - web path brute force

```
nmap -p 80 --script http-enum <target>
```

+ ### HTTP Title

```
nmap -p 80 -sV --script http-title <target>
```

--------------------------------------------------------------------------------
/images/Windows.svg:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/docs/python-snippets.md:
--------------------------------------------------------------------------------
# Python Snippets

## File Operations

* read a file line by line into a list

* If you want the \n included:

```python
with open(fname) as f:
    content = f.readlines()
```

* If you do not want \n included:

```python
with open(fname) as f:
    content = f.read().splitlines()
```

* move file to the dist_dir folder

```python
import os

# os.rename only works within one filesystem; use shutil.move to cross mount points
os.rename(src_path, os.path.join(dist_dir, os.path.basename(src_path)))
```

* get working directory

```python
PWD = os.getcwd()
```

* write file

```python
RESOURCE = "filename.txt"
with open(RESOURCE, "w") as fd:  # the with block closes the file even if write() raises
    fd.write("first line\n")
```

## Parsing Arguments

```python
import argparse

parser = argparse.ArgumentParser()

parser.add_argument("-p", dest="payload", help="payload type to use", required=True)
parser.add_argument("-i", dest="interface", help="use interface - default: eth0", default="eth0")
args = parser.parse_args()

payload_type = args.payload
interface = args.interface
```
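The following is an added example and not code from the ByteSnipers repository or from the cheat sheets it collects. It ties the nmap.md commands above to the shodan.md filters below: `parse_nmap_xml()` reads the XML that those nmap commands produce when run with `-oX`, keeping one record per open port together with its NSE script output, and `pivot_to_shodan()` turns each record into a Shodan query assembled by `shodan_query()`, which quotes values containing spaces and rejects malformed `net:` ranges, two details the one-line query examples leave implicit. The XML sample is constructed by hand in nmap's output format and uses the 192.0.2.0/24 documentation range rather than a real target.

```python
"""Added example (not part of the ByteSnipers repository): pivot from an nmap
scan to Shodan. parse_nmap_xml() reads nmap -oX output and keeps one record per
open port; shodan_query() assembles a query from the shodan.md filters."""
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample output of
#   nmap -p 80 -sV --script http-title,http-enum -oX - 192.0.2.0/24
# (192.0.2.0/24 is documentation address space, not a real target).
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -p 80 -sV --script http-title,http-enum -oX - 192.0.2.0/24">
  <host>
    <status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
    <hostnames><hostname name="www.example.com" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0" method="probed"/>
        <script id="http-title" output="Welcome to nginx!"/>
        <script id="http-enum" output="&#10;  /admin/: Possible admin folder&#10;  /robots.txt: Robots file"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="up"/><address addr="192.0.2.11" addrtype="ipv4"/>
    <hostnames/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="filtered" reason="no-response"/>
        <service name="http" method="table"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return one dict per *open* port: addr, hostname, port, product, scripts {id: output}."""
    results = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        hn = host.find("hostnames/hostname")
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # filtered/closed ports carry no service data worth pivoting on
            service = port.find("service")
            results.append({
                "addr": addr.get("addr"),
                "hostname": hn.get("name") if hn is not None else None,
                "port": int(port.get("portid")),
                "product": service.get("product") if service is not None else None,
                # NSE output lives in the "output" attribute, one <script> element per script id
                "scripts": {s.get("id"): s.get("output", "").strip() for s in port.iter("script")},
            })
    return results


def valid_net(value):
    """True if value is an IP address or CIDR range that Shodan's net: filter accepts."""
    try:
        ipaddress.ip_network(str(value), strict=False)
        return True
    except ValueError:
        return False


def shodan_query(free_text="", **filters):
    """Build a Shodan search string from shodan.md filters, e.g. city="San Francisco".

    Values containing whitespace are double-quoted, because Shodan treats an
    unquoted space as the start of a new search term; net: values are parsed
    so a typo raises instead of silently becoming a free-text term.
    """
    parts = [free_text] if free_text else []
    for name, value in filters.items():
        if value is None:
            continue
        if name == "net":
            if not valid_net(value):
                raise ValueError(f"net: expects an IP or CIDR, got {value!r}")
            net = ipaddress.ip_network(str(value), strict=False)  # also clears stray host bits
            value = net.network_address if net.prefixlen == net.max_prefixlen else net
        value = str(value)
        if any(ch.isspace() for ch in value):
            value = f'"{value}"'
        parts.append(f"{name}:{value}")
    return " ".join(parts)


def pivot_to_shodan(results):
    """One Shodan query per open port, to compare Shodan's passive view with the active scan."""
    return [shodan_query(r["product"] or "", net=r["addr"], port=r["port"]) for r in results]


if __name__ == "__main__":
    for query in pivot_to_shodan(parse_nmap_xml(SAMPLE_NMAP_XML)):
        print(query)  # nginx net:192.0.2.10 port:80
```

Run it as a script to print the generated queries, or import it and feed `parse_nmap_xml()` the contents of a real `-oX` file. Keep `-sV` in the nmap command: without version detection the `<service>` element has no `product` attribute and the free-text part of the query stays empty.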
--------------------------------------------------------------------------------
/docs/shodan.md:
--------------------------------------------------------------------------------
# Shodan Cheat Sheet

## Filters

Here are the basic search filters you can use:

* `city`: find devices in a particular city
* `country`: find devices in a particular country (two-letter country code)
* `geo`: find devices near a pair of latitude/longitude coordinates
* `hostname`: find values that match the hostname
* `net`: search based on an IP or /x CIDR
* `os`: search based on operating system
* `port`: find particular ports that are open
* `before/after`: find results within a timeframe
* `org`: search by organization
* `hash`: search based on banner hash
* `has_screenshot:true`: filter search based on a screenshot being present
* `title`: search based on text within the title

Filter values that contain spaces must be quoted (`city:"San Francisco"`); an unquoted space starts a new search term.

## Examples

Find Apache servers in San Francisco:

    apache city:"San Francisco"

Find Nginx servers in Germany:

    nginx country:"DE"

Find GWS (Google Web Server) servers:

    "Server: gws" hostname:"google"

Find Cisco devices on a particular subnet:

    cisco net:"216.219.143.0/24"

--------------------------------------------------------------------------------
/.github/CONTRIBUTING.md:
--------------------------------------------------------------------------------
# Contribution Guidelines

## Table of Contents

- [Adding to this list](#adding-to-this-list)
- [Updating your Pull Request](#updating-your-pull-request)

## Adding to this list

Please ensure your pull request adheres to the following guidelines:

- Search previous suggestions before making a new one, as yours may be a duplicate.
- Make sure the submission is useful before submitting.
- Make an individual pull request for each suggestion.
- Use [title-casing](http://titlecapitalization.com) (AP style).
- Use the following format: `[List Name](link) - Optional Description`.
- Optional descriptions are useful when the name itself is not descriptive.
- Link additions should be added to the bottom of the relevant category.
- New categories or improvements to the existing categorization are welcome.
- Check your spelling and grammar.
- Make sure your text editor is set to remove trailing whitespace.
- The pull request and commit should have a useful title.
- The body of your commit message should contain a link to the repository.

## Updating your Pull Request

Sometimes, a maintainer of an awesome list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't make any useful addition.

[Here](https://github.com/RichardLitt/knowledge/blob/master/github/amending-a-commit-guide.md) is a write up on how to change a Pull Request, and the different ways you can do that.

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
Creative Commons Legal Code

CC0 1.0 Universal

CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
HEREUNDER.

Statement of Purpose

The laws of most jurisdictions throughout the world automatically confer
exclusive Copyright and Related Rights (defined below) upon the creator
and subsequent owner(s) (each and all, an "owner") of an original work of
authorship and/or a database (each, a "Work").

Certain owners wish to permanently relinquish those rights to a Work for
the purpose of contributing to a commons of creative, cultural and
scientific works ("Commons") that the public can reliably and without fear
of later claims of infringement build upon, modify, incorporate in other
works, reuse and redistribute as freely as possible in any form whatsoever
and for any purposes, including without limitation commercial purposes.
These owners may contribute to the Commons to promote the ideal of a free
culture and the further production of creative, cultural and scientific
works, or to gain reputation or greater distribution for their Work in
part through the use and efforts of others.

For these and/or other purposes and motivations, and without any
expectation of additional consideration or compensation, the person
associating CC0 with a Work (the "Affirmer"), to the extent that he or she
is an owner of Copyright and Related Rights in the Work, voluntarily
elects to apply CC0 to the Work and publicly distribute the Work under its
terms, with knowledge of his or her Copyright and Related Rights in the
Work and the meaning and intended legal effect of CC0 on those rights.

1. Copyright and Related Rights. A Work made available under CC0 may be
protected by copyright and related or neighboring rights ("Copyright and
Related Rights"). Copyright and Related Rights include, but are not
limited to, the following:

  i. the right to reproduce, adapt, distribute, perform, display,
     communicate, and translate a Work;
 ii. moral rights retained by the original author(s) and/or performer(s);
iii. publicity and privacy rights pertaining to a person's image or
     likeness depicted in a Work;
 iv. rights protecting against unfair competition in regards to a Work,
     subject to the limitations in paragraph 4(a), below;
  v. rights protecting the extraction, dissemination, use and reuse of data
     in a Work;
 vi. database rights (such as those arising under Directive 96/9/EC of the
     European Parliament and of the Council of 11 March 1996 on the legal
     protection of databases, and under any national implementation
     thereof, including any amended or successor version of such
     directive); and
vii. other similar, equivalent or corresponding rights throughout the
     world based on applicable law or treaty, and any national
     implementations thereof.

2. Waiver. To the greatest extent permitted by, but not in contravention
of, applicable law, Affirmer hereby overtly, fully, permanently,
irrevocably and unconditionally waives, abandons, and surrenders all of
Affirmer's Copyright and Related Rights and associated claims and causes
of action, whether now known or unknown (including existing as well as
future claims and causes of action), in the Work (i) in all territories
worldwide, (ii) for the maximum duration provided by applicable law or
treaty (including future time extensions), (iii) in any current or future
medium and for any number of copies, and (iv) for any purpose whatsoever,
including without limitation commercial, advertising or promotional
purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
member of the public at large and to the detriment of Affirmer's heirs and
successors, fully intending that such Waiver shall not be subject to
revocation, rescission, cancellation, termination, or any other legal or
equitable action to disrupt the quiet enjoyment of the Work by the public
as contemplated by Affirmer's express Statement of Purpose.

3. Public License Fallback. Should any part of the Waiver for any reason
be judged legally invalid or ineffective under applicable law, then the
Waiver shall be preserved to the maximum extent permitted taking into
account Affirmer's express Statement of Purpose. In addition, to the
extent the Waiver is so judged Affirmer hereby grants to each affected
person a royalty-free, non transferable, non sublicensable, non exclusive,
irrevocable and unconditional license to exercise Affirmer's Copyright and
Related Rights in the Work (i) in all territories worldwide, (ii) for the
maximum duration provided by applicable law or treaty (including future
time extensions), (iii) in any current or future medium and for any number
of copies, and (iv) for any purpose whatsoever, including without
limitation commercial, advertising or promotional purposes (the
"License"). The License shall be deemed effective as of the date CC0 was
applied by Affirmer to the Work. Should any part of the License for any
reason be judged legally invalid or ineffective under applicable law, such
partial invalidity or ineffectiveness shall not invalidate the remainder
of the License, and in such case Affirmer hereby affirms that he or she
will not (i) exercise any of his or her remaining Copyright and Related
Rights in the Work or (ii) assert any associated claims and causes of
action with respect to the Work, in either case contrary to Affirmer's
express Statement of Purpose.

4. Limitations and Disclaimers.

 a. No trademark or patent rights held by Affirmer are waived, abandoned,
    surrendered, licensed or otherwise affected by this document.
 b. Affirmer offers the Work as-is and makes no representations or
    warranties of any kind concerning the Work, express, implied,
    statutory or otherwise, including without limitation warranties of
    title, merchantability, fitness for a particular purpose, non
    infringement, or the absence of latent or other defects, accuracy, or
    the present or absence of errors, whether or not discoverable, all to
    the greatest extent permissible under applicable law.
 c. Affirmer disclaims responsibility for clearing rights of other persons
    that may apply to the Work or any use thereof, including without
    limitation any person's Copyright and Related Rights in the Work.
    Further, Affirmer disclaims responsibility for obtaining any necessary
    consents, permissions or other rights required for any use of the
    Work.
 d. Affirmer understands and acknowledges that Creative Commons is not a
    party to this document and has no duty or obligation with respect to
    this CC0 or use of the Work.

--------------------------------------------------------------------------------
/images/linux.svg:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Awesome Pentest Cheat Sheets [![Awesome](https://awesome.re/badge.svg)](https://github.com/sindresorhus/awesome)

Collection of cheat sheets and checklists useful for security and pentesting. It is a large, curated selection of resources that can save you a lot of time.

This repo is the updated version of [awesome-pentest-cheat-sheets](https://github.com/coreb1t/awesome-pentest-cheat-sheets).

## Contents

- [Security Talks and Videos](#security-talks-and-videos)
- [General cheat sheets](#general-cheat-sheets)
- [Mobile Pentesting](#mobile-pentesting)
- [Cloud Pentesting](#cloud-pentesting)
- [Active Directory](#active-directory)
- [Pentest Methodology](#pentest-methodology)
- [Privilege Escalation](#privilege-escalation)
- [Web Pentesting](#web-pentesting)
- [Binary Exploitation](#binary-exploitation)
- [Learning Platforms](#learning-platforms)
- [Bug Bounty](#bug-bounty)
- [Tools](#tools)
- [Payloads](#payloads-1)
- [Programming](#programming)

### Contribution

Your contributions and suggestions are heartily welcome. Please check the [Contributing Guidelines](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/.github/CONTRIBUTING.md) for more details.

## Security Talks and Videos

- [Cybersecurity Conference Directory](https://infosec-conferences.com/site-map/#allevents) - All Cybersecurity, InfoSec & IT Conferences and Events.
- [Confsec](https://github.com/cryptax/confsec) - List of Security Events 2024.
- [InfoCon](https://infocon.org/cons/) - The Hacking Conference Archive.
- [Awesome Security Talks](https://github.com/PaulSec/awesome-sec-talks) - Curated list of Security Talks and Videos.

## General cheat sheets

- [The Hackers' Choice Tips & Tricks Cheatsheet](https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet)
- [Docker Cheat Sheet](https://github.com/wsargent/docker-cheat-sheet)
- [macOS Command Line Cheat Sheet](https://github.com/herrbischoff/awesome-osx-command-line)
- [PowerShell Cheat Sheet](https://pen-testing.sans.org/blog/2016/05/25/sans-powershell-cheat-sheet) - SANS PowerShell Cheat Sheet from SEC560 Course [(PDF version)](docs/PowerShellCheatSheet_v41.pdf).
- [Rawsec's CyberSecurity Inventory](https://inventory.raw.pm/) - An open-source inventory of tools, resources, CTF platforms and Operating Systems about CyberSecurity. ([Source](https://gitlab.com/rawsec/rawsec-cybersecurity-list)).
- [Regexp Security Cheat Sheet](https://github.com/attackercan/regexp-security-cheatsheet)
- [Security Cheat Sheets](https://github.com/teamghsoftware/security-cheatsheets) - A collection of security cheat sheets.
- [Unix Commands Cheat Sheet](https://www.stationx.net/unix-commands-cheat-sheet/)
- [Linux File Permissions Cheat Sheet](https://www.stationx.net/linux-file-permissions-cheat-sheet/)
- [DostoevskyLabs' Pentest notes](https://dostoevskylabs.gitbooks.io/dostoevskylabs-pentest-notes/content/) - Pentest Notes collection from DostoevskyLabs.
- [Thick Client Pentest Checklist](https://github.com/Hari-prasaanth/Thick-Client-Pentest-Checklist) - Pentest Checklist for Thick-Client Penetration Tests.
- [HauSec's Pentesting Cheat sheet](https://hausec.com/pentesting-cheatsheet/) - Pentest Cheat sheet from HauSec.

## Mobile Pentesting

- [Mobile App Pentest Cheat Sheet](https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet) - Collection of resources on Android & iOS Penetration Testing.
- [Mobexler](https://mobexler.com/) - Customised virtual machine, designed to help in penetration testing of Android & iOS applications.

### Android

![](https://coderkube.com/wp-content/uploads/2017/10/android-app-development-banner.png)

- [Android Pentest Checklist Xmind](https://xmind.app/m/GkgaYH/#) - Xmind mindmap for Android Penetration Tests.
- [MASTG](https://github.com/OWASP/owasp-mastg) - OWASP Mobile Application Security Testing Guide [[PDF]](https://github.com/OWASP/owasp-mastg/releases/download/v1.4.0/OWASP_MSTG-v1.4.0.pdf).
- [Android Pentesting Checklist](https://github.com/Hrishikesh7665/Android-Pentesting-Checklist) - Case-by-case Checklist for Android Pentests.
- [Android Pentesting Cheat sheet](https://github.com/ivan-sincek/android-penetration-testing-cheat-sheet) - Android Pentesting Resources #1.
- [HackTricks - Android Pentesting](https://book.hacktricks.xyz/mobile-pentesting/android-app-pentesting) - HackTricks Collection of Android Pentesting.

#### Vulnerable Android Applications

- [InjuredAndroid](https://github.com/B3nac/InjuredAndroid)
- [Damn vulnerable Bank](https://github.com/rewanthtammana/Damn-Vulnerable-Bank)
- [InsecureShop](https://github.com/optiv/InsecureShop)
- [AndroGoat](https://github.com/satishpatnayak/AndroGoat)
- [Android-Insecurebankv2](https://github.com/dineshshetty/Android-InsecureBankv2)
- [OVAA](https://github.com/oversecured/ovaa)
- [DIVA](https://github.com/payatu/diva-android)

### Apple

![](https://uol.de/f/5/_processed_/8/3/csm_apple-banner-min_1588062300375_244697dda3.jpeg)

- [iOS Pentest Checklist](https://github.com/ivan-sincek/ios-penetration-testing-cheat-sheet) - Checklist for iOS/IPA Penetration Tests.
- [Hacktricks iOS Checklist](https://book.hacktricks.xyz/mobile-pentesting/ios-pentesting-checklist) - Another Checklist for iOS/IPA Penetration Tests, from HackTricks.
- [PentestGlobal IOS gitbook](https://ios.pentestglobal.com/) - Gitbook about iOS Pentesting.
- [Can i jailbreak?](https://canijailbreak.com/) - Which jailbreaks are available for each iOS version.
- [Jailbreaks.app](https://jailbreaks.app/) - Downloads for the Odyssey and Taurine Jailbreaks.

## Cloud Pentesting

### Kubernetes

![](https://codefresh.io/wp-content/uploads/2023/07/Intro-to-Kubernetes-blog-b-2.png)

- [Awesome Kubernetes (K8s) Security](https://github.com/magnologan/awesome-k8s-security) - Collection of Kubernetes security resources.
- [Kubetools](https://collabnix.github.io/kubetools/#security-tools) - Kubernetes security tools.
- [HackingKubernetes](https://github.com/g3rzi/HackingKubernetes) - Collection of Kubernetes Pentesting Resources.
- [Kubernetes Goat](https://github.com/madhuakula/kubernetes-goat) - Vulnerable-by-Design cluster environment for training.
- [KubePwn](https://github.com/alexivkin/kubepwn) - Another Collection of resources about Kubernetes security.
- [HackTricks - Kubernetes Pentesting](https://cloud.hacktricks.xyz/pentesting-cloud/kubernetes-security) - HackTricks Collection of Kubernetes Pentesting.

#### Kubernetes Pentest Methodology (CyberArk)

- [Part 1](https://cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1)
- [Part 2](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2)
- [Part 3](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3)

### Azure

![](https://www.evozon.com/wp-content/uploads/2017/05/Azure-Banner.png)

- [Awesome Azure Pentest](https://github.com/Kyuu-Ji/Awesome-Azure-Pentest) - A curated list of useful tools and resources for penetration testing and securing Microsoft's cloud platform Azure.
- [HackTricks - Azure Pentesting](https://cloud.hacktricks.xyz/pentesting-cloud/azure-security) - HackTricks Collection of Azure Pentesting.

## Active Directory

![](https://www.bds-solutions.co.uk/wp-content/uploads/2015/10/AD-2012.png)

- [Active Directory Exploitation Cheat Sheet](https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Che

Sheet) - Cheat sheet for Active Directory Exploitation.
- [OSCP Active Directory Cheat Sheet](https://github.com/brianlam38/OSCP-2022/blob/main/cheatsheet-active-directory.md) - Cheat sheet for Active Directory Attacks used in OSCP.
- [WADComs](https://wadcoms.github.io/) - Interactive cheat sheet listing offensive security tools and the commands to use against Windows/AD environments.
- [HackTricks - Active Directory Pentesting](https://book.hacktricks.xyz/windows-hardening/active-directory-methodology) - HackTricks Collection of Active Directory Pentesting.
- [GOAD](https://github.com/Orange-Cyberdefense/GOAD) - Vulnerable-by-Design Active Directory environment.
- [Ultimate BloodHound Guide](https://m4lwhere.medium.com/the-ultimate-guide-for-bloodhound-community-edition-bhce-80b574595acf) - The Ultimate Guide for BloodHound Community Edition (BHCE).
- [Windows Red Team Cheat sheet](https://github.com/morph3/Windows-Red-Team-Cheat-Sheet) - Windows for Red Teamers Cheat Sheet ([Moved to wiki](https://notes.morph3.blog/)).
- [Resource Collection #1](https://github.com/DeanOfCyber/Active-Directory-Penetration-Testing-and-Security) - Collection of Active Directory Pentesting resources #1.
- [Resource Collection #2](https://github.com/AD-Attacks/Active-Directory-Penetration-Testing) - Collection of Active Directory Pentesting resources #2.
- [Resource Collection #3](https://github.com/geeksniper/active-directory-pentest) - Collection of Active Directory Pentesting resources #3.
- [Resource Collection #4](https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet) - Collection of Active Directory Pentesting resources #4.

## Pentest Methodology

![](https://blog.rapid7.com/content/images/2018/03/green-metasploit-heart-banner.png)

### Discovery

- [Google Dorks](https://www.exploit-db.com/google-hacking-database) - Google Hacking Database (Exploit-DB).
- [Shodan](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/docs/shodan.md) - Shodan is a search engine for finding specific devices, and device types, that exist online.
- [ZoomEye](http://zoomeye.org) - ZoomEye is a cyberspace search engine recording information about devices, websites, services, components, etc.
- [Amass](https://github.com/OWASP/Amass) - OWASP Network mapping of attack surfaces and external asset discovery using open source information.
- [Censys](https://search.censys.io/) - Similar to Shodan, a search engine for specific devices, including IoT.

### Enumeration

- [enum4linux-ng](https://github.com/cddmp/enum4linux-ng) - Python tool for enumerating information from Windows/Samba systems.
- [0xdf - SMB Enumeration](https://0xdf.gitlab.io/2024/03/21/smb-cheat-sheet.html) - 0xdf's SMB Enumeration Cheat Sheet.
- [OSCP Enumeration Cheat sheet](https://github.com/oncybersec/oscp-enumeration-cheat-sheet) - Enumeration cheat sheet for the OSCP certification.
- [CrackMapExec Cheatsheet](https://cheatsheet.haax.fr/windows-systems/exploitation/crackmapexec/) - Cheat sheet for CrackMapExec (CME).

### Exploitation

- [Empire Cheat Sheet](https://github.com/HarmJ0y/CheatSheets/blob/master/Empire.pdf) - [Empire](http://www.powershellempire.com) is a PowerShell and Python post-exploitation framework.
- [Exploit Development Cheat Sheet](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/docs/pentest-exploit-dev-cheatsheet.jpg) - [@ovid](https://twitter.com/ovid)'s exploit development in one picture.
- [Java Deserialization Cheat Sheet](https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet) - A cheat sheet for pentesters about Java Native Binary Deserialization vulnerabilities.
- [Local File Inclusion (LFI) Cheat Sheet #1](https://highon.coffee/blog/lfi-cheat-sheet/) - Arr0way's LFI Cheat Sheet.
- [Local File Inclusion (LFI) Cheat Sheet #2](https://www.aptive.co.uk/blog/local-file-inclusion-lfi-testing/) - Aptive's LFI Cheat Sheet.
- [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/) - The ultimate guide to the Metasploit Framework.
- [Metasploit Cheat Sheet](https://www.tunnelsup.com/metasploit-cheat-sheet/) - A quick reference guide [(PNG version)](docs/Metasploit-CheatSheet.png) [(PDF version)](docs/Metasploit-CheatSheet.pdf).
- [PowerSploit Cheat Sheet](https://github.com/HarmJ0y/CheatSheets/blob/master/PowerSploit.pdf) - [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) is a PowerShell post-exploitation framework.
- [PowerView 2.0 Tricks](https://gist.github.com/HarmJ0y/3328d954607d71362e3c)
- [PowerView 3.0 Tricks](https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993)
- [PHP htaccess Injection Cheat Sheet](https://github.com/sektioneins/pcc/wiki/PHP-htaccess-injection-cheat-sheet) - PHP htaccess Injection Cheat Sheet by PHP Secure Configuration Checker.
- [Reverse Shell Cheat Sheet #1](http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet) - Pentestmonkey Reverse Shell Cheat Sheet.
- [Reverse Shell Cheat Sheet #2](https://highon.coffee/blog/reverse-shell-cheat-sheet) - Arr0way's Reverse Shell Cheat Sheet.
- [SQL Injection Cheat Sheet](https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet) - Netsparker's SQL Injection Cheat Sheet.
- [SQLite3 Injection Cheat Sheet](http://atta.cked.me/home/sqlite3injectioncheatsheet)

### Post-Exploitation

- [Awesome Windows Post Exploitation](https://github.com/emilyanncr/Windows-Post-Exploitation) - Collection of resources for Windows Post-Exploitation.
- [HackTricks - Post Exploitation](https://book.hacktricks.xyz/todo/post-exploitation) - HackTricks Collection of Post-Exploitation.

### Privilege Escalation

#### Learn Privilege Escalation

- [Windows / Linux Local Privilege Escalation Workshop](https://github.com/sagishahar/lpeworkshop) - The Privilege Escalation Workshop covers all known (at the time) attack vectors of local user privilege escalation on both Linux and Windows operating systems and includes slides, videos and test VMs.

#### ![](images/linux.svg) Linux Privilege Escalation

- [Basic Linux Privilege Escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) - Linux Privilege Escalation by [@g0tmi1k](https://twitter.com/g0tmi1k).
- [linux-exploit-suggester.sh](https://github.com/mzet-/linux-exploit-suggester) - Linux privilege escalation auditing tool written in bash (updated).
- [Linux_Exploit_Suggester.pl](https://github.com/PenturaLabs/Linux_Exploit_Suggester) - Linux Exploit Suggester written in Perl (no longer updated).
- [Linux_Exploit_Suggester.pl v2](https://github.com/jondonas/linux-exploit-suggester-2) - Next-generation exploit suggester based on Linux_Exploit_Suggester (updated).
- [Linux Soft Exploit Suggester](https://github.com/belane/linux-soft-exploit-suggester) - Finds exploits for all vulnerable software on a system, helping with privilege escalation. It focuses on software packages instead of kernel vulnerabilities.
183 | - [checksec.sh](https://github.com/slimm609/checksec.sh) - Bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source). 184 | - [linuxprivchecker.py](http://www.securitysift.com/download/linuxprivchecker.py) - This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits (@SecuritySift). 185 | - [LinEnum](https://github.com/rebootuser/LinEnum) - This tool is great at running through a heap of things you should check on a Linux system in the post exploit process. This include file permissions, cron jobs if visible, weak credentials etc.(@Rebootuser). 186 | - [linPEAS](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS) - LinPEAS - Linux Privilege Escalation Awesome Script. Check the Local Linux Privilege Escalation checklist from [book.hacktricks.xyz](https://book.hacktricks.xyz). 187 | - [MimiPenguin](https://github.com/huntergregal/mimipenguin) - A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. . 188 | 189 | #### ![](images/Windows.svg) Windows Privilege Escalation 190 | 191 | - [PowerUp](https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc) - Excellent powershell script for checking of common Windows privilege escalation vectors. Written by [harmj0y](https://twitter.com/harmj0y) [(direct link)](https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Privesc/PowerUp.ps1). 192 | - [PowerUp Cheat Sheet](https://github.com/HarmJ0y/CheatSheets/blob/master/PowerUp.pdf) 193 | - [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) - Tool for detection of missing security patches on the windows operating system and mapping with the public available exploits. 
194 | - [Sherlock](https://github.com/rasta-mouse/Sherlock) - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. 195 | - [Watson](https://github.com/rasta-mouse/Watson) - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities. 196 | - [Precompiled Windows Exploits](https://github.com/abatchy17/WindowsExploits) - Collection of precompiled Windows exploits. 197 | - [Metasploit Modules](https://github.com/rapid7/metasploit-framework) 198 | - post/multi/recon/local_exploit_suggester - suggests local meterpreter exploits that can be used. 199 | - post/windows/gather/enum_patches - helps to identify any missing patches. 200 | 201 | ## Web Pentesting 202 | 203 | ![](https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/sql-injection-hero.png) 204 | - [OWASP Web Security Testing Guide](https://owasp.org/www-project-web-security-testing-guide/v42/) 205 | - [Web Pentest Checklist](https://pentestbook.six2dez.com/others/web-checklist) - Checklist for Web Application Penetration Tests. 206 | - [SQL Injection Cheatsheet](https://portswigger.net/web-security/sql-injection/cheat-sheet) - PortSwigger SQL Injection Cheat Sheet. 207 | - [Cross-Site-Scripting Cheat sheet](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet) - PortSwigger Cross-Site-Scripting (XSS) Cheat sheet. 208 | - [Google CSP Evaluator](https://csp-evaluator.withgoogle.com) - Google's CSP Evaluator [Chrome Extension](https://chromewebstore.google.com/detail/csp-evaluator/fjohamlofnakbnbfjkohkbdigoodcejf) 209 | - [Awesome Web Hacking](https://github.com/infoslack/awesome-web-hacking) - Collection of resources for Web Pentesting #1. 210 | - [Awesome Web Security](https://github.com/qazbnm456/awesome-web-security) - Collection of resources for Web Pentesting #2. 
211 | 212 | ##### Payloads 213 | 214 | - [XSS Polyglot Payloads #1](https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot) - Unleashing an Ultimate XSS Polyglot list by 0xsobky. 215 | - [XSS Polyglot Payloads #2](http://polyglot.innerht.ml/) - [@filedescriptor](https://twitter.com/filedescriptor)'s XSS. 216 | - [Browser's-XSS-Filter-Bypass-Cheat-Sheet](https://github.com/masatokinugawa/filterbypass/wiki/Browser's-XSS-Filter-Bypass-Cheat-Sheet) - Excellent List of working XSS bypasses running on the latest version of Chrome, Safari, Edge created by Masato Kinugawa. 217 | 218 | ##### Labs 219 | 220 | - [PortSwigger Web Penetration Testing Labs](https://portswigger.net/web-security/all-labs) 221 | 222 | ## Binary Exploitation 223 | 224 | ![](https://64.media.tumblr.com/cae273ceb708b68e270d66c30e8a42a3/tumblr_inline_pekyt8seIo1sjxwjp_1280.png). 225 | - [Binary Exploitation Red Team Notes](https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation) - Ired.team notes for Binary Exploitation. 226 | - [Binary Exploitation Notes](https://ir0nstone.gitbook.io/notes) - Ir0nstone's Binary Exploitation Notes. 227 | - [Sticky Notes Binary Exploitation](https://exploit-notes.hdks.org/exploit/binary-exploitation/) - Sticky Notes colletion for Binary Exploitation. 228 | - [checksec.py](https://github.com/Wenzel/checksec.py/) - Cross-Platform CheckSec Tool for checking binary security properties. 229 | - [HackTricks - Binary Exploitation](https://book.hacktricks.xyz/binary-exploitation/basic-binary-exploitation-methodology) - HackTricks Collection of Binary Exploitation. 230 | - [Liveoverflow - Binary Exploitation](https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN) - LiveOverflow's Binary Exploitation YouTube playlist. 231 | - [PwnTools Cheat sheet](https://gist.github.com/anvbis/64907e4f90974c4bdd930baeb705dedf) - Cheat sheet for PwnTools python library. 
232 | - [pwndbg Cheat sheet](https://drive.google.com/file/d/16t9MV8KTFXK7oX_CzXhmDdaVnjT8IYM4/view) - Cheat sheet for pwndbg GDB plug-in. 233 | - [GDB PEDA Cheat sheet](https://github.com/kibercthulhu/gdb-peda-cheatsheet/blob/master/gdb-peda%20cheatsheet.pdf) - Cheat sheet for PEDA GDB plug-in. 234 | 235 | ## Learning Platforms 236 | 237 | ![](https://www.crest-approved.org/wp-content/uploads/2022/11/htb-header.png) 238 | 239 | #### Online 240 | 241 | - [Hack The Box :: Penetration Testing Labs](https://www.hackthebox.eu) - Leading penetration testing training labs platform. 242 | - [TryHackMe](https://tryhackme.com/) - Free online platform for learning cyber security & penetration testing. 243 | - [OWASP Vulnerable Web Applications Directory Project (Online)](https://owasp.org/www-project-vulnerable-web-applications-directory/#div-online) - List of online available vulnerable applications for learning purposes. 244 | - [Pentestit labs](https://lab.pentestit.ru) - Hands-on Pentesting Labs (OSCP style). 245 | - [Root-me.org](https://www.root-me.org) - Hundreds of challenges are available to train yourself in different and not simulated environments. 246 | 247 | #### Off-Line 248 | 249 | - [Vulnhub.com](https://www.vulnhub.com) - Vulnerable By Design VMs for practical 'hands-on' experience in digital security. 250 | - [Damn Vulnerable Xebia Training Environment](https://github.com/davevs/dvxte) - Docker Container including several vurnerable web applications (DVWA,DVWServices, DVWSockets, WebGoat, Juiceshop, Railsgoat, django.NV, Buggy Bank, Mutilidae II and more). 251 | - [OWASP Vulnerable Web Applications Directory Project (Offline)](https://owasp.org/www-project-vulnerable-web-applications-directory/#div-offline) - List of offline available vulnerable applications for learning purposes. 252 | - [Vulnerable SOAP Web Service](https://github.com/anil-yelken/Vulnerable-Soap-Service) - Vulnerable SOAP web service lab environment. 
253 | - [Vulnerable Flask Web App](https://github.com/anil-yelken/Vulnerable-Flask-App) - Vulnerable Flask Web App lab environment. 254 | 255 | ## Bug Bounty 256 | 257 | ![](https://www.tataplay.com/assets/images/bug-bounty/banner-desktop.png) 258 | 259 | - [Awesome BugBounty Tools](https://github.com/vavkamil/awesome-bugbounty-tools) - A curated list of various bug bounty tools. 260 | - [bug-bounty-platforms](https://github.com/disclose/bug-bounty-platforms) - Open-Sourced Collection of Bug Bounty Platforms. 261 | - [m0chan - Bug Bounty Methodology](https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html) - m0chan's Bug Bounty Methodology Collection. 262 | - [NahamSec - Resources for Beginners](https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters) - NahamSec's Resources for Beginner Bug Bounty Hunters Collection. 263 | - [AllAboutBugBounty](https://github.com/daffainfo/AllAboutBugBounty?tab=readme-ov-file) - BugBounty notes gathered from various sources. 264 | - [Bug-Bounty-Resources](https://github.com/Tikam02/Bug-Bounty-Resources) - Collection of Bug Bounty Resources #1. 265 | - [Bug-Bounty-Resources](https://github.com/AnLoMinus/Bug-Bounty) - Collection of Bug Bounty Resources #2. 266 | 267 | #### Free video courses 268 | 269 | - [Ryan John Bug Bounty Playlist](https://www.youtube.com/watch?v=wMO_My5gsDI&list=PLtZtNPs3fJyDUJttw2sJVU69IKfqY7XPn) - Collection of Ryan John's BugBounty videos ([11h Full Course Video](https://www.youtube.com/watch?v=TTw-EY7F1rM)). 270 | - [LiveOverFlow Bug Bounty Playlist](https://www.youtube.com/watch?v=LrLJuyAdoAg&list=PLhixgUqwRTjxKYsPTegCyL5adZaq5eILt) - Collection of LiveOverflow's Bug bounty videos. 271 | 272 | #### Podcasts 273 | 274 | - [BBRE Podcast](https://www.youtube.com/watch?v=CfE0-GZk4v8&list=PLvxs_epf2X91Dn3pWeRxPQSV6SWvWqDE3&index=2) - Bug Bounty Reports Explained Podcast. 
275 | - [Critical Thinking Podcast](https://www.youtube.com/watch?v=t6cTvajgYsM&list=PLO-h_HEvT1ysKxfLkI-uk3_vxzxoUHCD7) - Critical Thinking Bug Bounty Podcast. 276 | 277 | ### Other resources 278 | 279 | ### Tools 280 | 281 | - [Nmap Cheat Sheet](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/docs/nmap.md) 282 | - [SQLmap Cheat Sheet](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/docs/sqlmap-cheatsheet-1.0-SDB.pdf) 283 | - [SQLmap Tamper Scripts](https://forum.bugcrowd.com/t/sqlmap-tamper-scripts-sql-injection-and-waf-bypass/423) - SQLmap Tamper Scripts General/MSSQL/MySQL. 284 | - [VIM Cheatsheet](https://i.imgur.com/YLInLlY.png) 285 | - [Wireshark Display Filters](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/docs/Wireshark_Display_Filters.pdf) - Filters for the best sniffing tool. 286 | 287 | ### Tools Online 288 | 289 | - [revshells.com](https://www.revshells.com) - Reverse shell payload generator ([Source code](https://github.com/0dayCTF/reverse-shell-generator)). 290 | - [Segfault](https://www.thc.org/segfault) - Segfault: Free disposable root servers (by [@THC](https://www.thc.org/)). 291 | - [suip.biz](https://suip.biz) - Various free online pentesting tools like nmap, wpscan, sqlmap. 292 | - [XSS'OR Encoder/Decoder](http://xssor.io/#ende) - Online Decoder/Encoder for testing purposes (@evilcos). 293 | - [WebGun](https://brutelogic.com.br/webgun/) - WebGun, XSS Payload Creator (@brutelogic). 294 | - [Hackvertor](https://hackvertor.co.uk) - Tool to convert various encodings and generate attack vectors (@garethheyes). 295 | - [JSFiddle](https://jsfiddle.net) - Test and share XSS payloads, [Example PoC](https://jsfiddle.net/xqjpsh65/). 296 | 297 | ### Payloads 298 | 299 | - [Fuzzdb](https://github.com/fuzzdb-project/fuzzdb) - Dictionary of attack patterns and primitives for black-box application testing Polyglot Challenge with submitted solutions. 
300 | - [SecList](https://github.com/danielmiessler/SecLists) - A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more. 301 | 302 | ### Write-Ups 303 | 304 | - [Bug Bounty Reference](https://github.com/ngalongc/bug-bounty-reference) - Huge list of bug bounty write-up that is categorized by the bug type (SQLi, XSS, IDOR, etc.). 305 | - [Write-Ups for CTF challenges](https://ctftime.org/writeups) 306 | - [Facebook Bug Bounties](https://www.facebook.com/notes/phwd/facebook-bug-bounties/707217202701640) - Categorized Facebook Bug Bounties write-ups. 307 | 308 | ### Wireless Hacking 309 | 310 | #### Tools 311 | 312 | - [wifite2](https://github.com/coreb1t/wifite2) - Full automated WiFi security testing script . 313 | 314 | ### Defence Topics 315 | 316 | - [Docker Security Cheat Sheet](https://container-solutions.com/content/uploads/2015/06/15.06.15_DockerCheatSheet_A2.pdf) - The following tips should help you to secure a container based system [(PDF version)](docs/DockerCheatSheet.pdf). 317 | - [Windows Domain Hardening](https://github.com/PaulSec/awesome-windows-domain-hardening) - A curated list of awesome Security Hardening techniques for Windows. 318 | 319 | ### Programming 320 | 321 | - [JavaScript Cheat Sheet](https://github.com/coodict/javascript-in-one-pic) - Learn JavaScript in one picture [(Online version)](https://git.io/Js-pic) [(PNG version)](docs/js-in-one-pic.png). 322 | - [Python Cheat Sheet #1](https://github.com/siyuanzhao/python3-in-one-pic) - Learn python3 in one picture [(PNG version)](docs/python-3-in-one-pic.png). 323 | - [Python Cheat Sheet #2 ](https://github.com/coodict/python3-in-one-pic) - Learn python3 in one picture [Online version](https://git.io/Coo-py3) [PNG version](docs/py3-in-one-pic.png). 
324 | - [Python Snippets Cheat Sheet](https://github.com/ByteSnipers/awesome-pentest-cheat-sheets/blob/main/docs/python-snippets.md) - List of helpful re-usable code snippets in Python. 325 | --------------------------------------------------------------------------------