├── .github ├── ISSUE_TEMPLATE.MD ├── PULL_REQUEST_TEMPLATE.md └── workflows │ └── static.yml ├── CONTRIBUTING.md ├── Guides ├── 1. Overviews │ ├── Get_Started-MaderasSecurityArsenal.md │ ├── Networking │ │ ├── Common Ports & Protocols.md │ │ ├── IP Addresses.md │ │ ├── MAC Addresses.md │ │ ├── OSI Model Overview.md │ │ ├── Subnetting.md │ │ └── Transport Layer (OSI L4).md │ └── Penetration Test Playbook.md ├── 2. Scanning and Enumeration │ ├── External Reconnaissance.md │ ├── Search_Engines_for_Pentesters.jpg │ └── Subverting Intrusion Detection Systems.md ├── 3. Gaining Access and Persistence │ ├── Evasion and Data Exfiltration │ │ ├── Abusing Exclusions To Evade Detection _ Dazzy Ddos.pdf │ │ └── Encrypted PowerShell.md │ ├── Initial Foothold │ │ ├── LDAP.md │ │ ├── Payload Generation - MSFVenom.md │ │ └── Using Cloudflare to bypass Cloudflare – Certitude Blog.pdf │ ├── Post Compromise │ │ ├── Active Directory Playbook.md │ │ ├── Kerberoasting │ │ │ ├── Golden Diamond and Sapphire Attacks.md │ │ │ └── Service Principal Name (SPN) Discovery.md │ │ └── OS Enumeration.md │ └── Windows Persistence │ │ ├── Create New User Account.md │ │ ├── DLL Hijacking │ │ ├── DLL Hijacking Overview.md │ │ └── DLL Hijacking Pentest Cheat Sheet.md │ │ └── Registry Persistence.md ├── Power Commands │ ├── PowerShell │ │ ├── Metasploit Meterpreter Payload via Command Line.md │ │ └── PowerShell Evasion.md │ ├── Scanning │ │ ├── Web Application Recon.md │ │ └── Windows Management Instrumentation (WMI) Pentest Cheat Sheet.md │ ├── Text Processing │ │ ├── Parsing for Pentesters - F’Awk Yeah! Advanced sed and awk Usage (Parsing for Pentesters 3) _ by Jeff Dimmock _ Posts By SpecterOps Team Members.pdf │ │ └── Text_Processing_and_Shell_Operations.md │ └── Web Applications │ │ ├── CORS.md │ │ ├── CSRF.md │ │ ├── HTML.md │ │ ├── PathTraversal.md │ │ ├── README.md │ │ ├── SQL_injection_payloads.md │ │ ├── SSRF_bypassFilters.md │ │ ├── WebApp-ExploitsChecklist.pdf │ │ ├── XSS.md │ │ ├── XSS_contexts.md │ │ ├── injection_fundamentals.md │ │ └── web_hacking_example_workflow.md └── README.md ├── LICENSE ├── README.md ├── Tools ├── Reset-DockerWslIntegration.ps1 ├── directory_visualizer.py ├── extract_video_audio.py ├── firewall_rules.py ├── hashfile_validator.py ├── regex_generator.py ├── repository_visualizer.py └── sumrecon.sh └── index.html /.github/ISSUE_TEMPLATE.MD: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/.github/ISSUE_TEMPLATE.MD -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/.github/PULL_REQUEST_TEMPLATE.md -------------------------------------------------------------------------------- /.github/workflows/static.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/.github/workflows/static.yml -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Get_Started-MaderasSecurityArsenal.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Get_Started-MaderasSecurityArsenal.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Networking/Common Ports & Protocols.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Networking/Common Ports & Protocols.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Networking/IP Addresses.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Networking/IP Addresses.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Networking/MAC Addresses.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Networking/MAC Addresses.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Networking/OSI Model Overview.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Networking/OSI Model Overview.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Networking/Subnetting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Networking/Subnetting.md -------------------------------------------------------------------------------- /Guides/1. Overviews/Networking/Transport Layer (OSI L4).md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Networking/Transport Layer (OSI L4).md -------------------------------------------------------------------------------- /Guides/1. Overviews/Penetration Test Playbook.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/1. Overviews/Penetration Test Playbook.md -------------------------------------------------------------------------------- /Guides/2. Scanning and Enumeration/External Reconnaissance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/2. Scanning and Enumeration/External Reconnaissance.md -------------------------------------------------------------------------------- /Guides/2. Scanning and Enumeration/Search_Engines_for_Pentesters.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/2. Scanning and Enumeration/Search_Engines_for_Pentesters.jpg -------------------------------------------------------------------------------- /Guides/2. Scanning and Enumeration/Subverting Intrusion Detection Systems.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/2. Scanning and Enumeration/Subverting Intrusion Detection Systems.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Evasion and Data Exfiltration/Abusing Exclusions To Evade Detection _ Dazzy Ddos.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Evasion and Data Exfiltration/Abusing Exclusions To Evade Detection _ Dazzy Ddos.pdf -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Evasion and Data Exfiltration/Encrypted PowerShell.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Evasion and Data Exfiltration/Encrypted PowerShell.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Initial Foothold/LDAP.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Initial Foothold/LDAP.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Initial Foothold/Payload Generation - MSFVenom.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Initial Foothold/Payload Generation - MSFVenom.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Initial Foothold/Using Cloudflare to bypass Cloudflare – Certitude Blog.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Initial Foothold/Using Cloudflare to bypass Cloudflare – Certitude Blog.pdf -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Post Compromise/Active Directory Playbook.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Post Compromise/Active Directory Playbook.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Post Compromise/Kerberoasting/Golden Diamond and Sapphire Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Post Compromise/Kerberoasting/Golden Diamond and Sapphire Attacks.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Post Compromise/Kerberoasting/Service Principal Name (SPN) Discovery.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Post Compromise/Kerberoasting/Service Principal Name (SPN) Discovery.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Post Compromise/OS Enumeration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Post Compromise/OS Enumeration.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Windows Persistence/Create New User Account.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Windows Persistence/Create New User Account.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Windows Persistence/DLL Hijacking/DLL Hijacking Overview.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Windows Persistence/DLL Hijacking/DLL Hijacking Overview.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Windows Persistence/DLL Hijacking/DLL Hijacking Pentest Cheat Sheet.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Windows Persistence/DLL Hijacking/DLL Hijacking Pentest Cheat Sheet.md -------------------------------------------------------------------------------- /Guides/3. Gaining Access and Persistence/Windows Persistence/Registry Persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/3. Gaining Access and Persistence/Windows Persistence/Registry Persistence.md -------------------------------------------------------------------------------- /Guides/Power Commands/PowerShell/Metasploit Meterpreter Payload via Command Line.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/PowerShell/Metasploit Meterpreter Payload via Command Line.md -------------------------------------------------------------------------------- /Guides/Power Commands/PowerShell/PowerShell Evasion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/PowerShell/PowerShell Evasion.md -------------------------------------------------------------------------------- /Guides/Power Commands/Scanning/Web Application Recon.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Scanning/Web Application Recon.md -------------------------------------------------------------------------------- /Guides/Power Commands/Scanning/Windows Management Instrumentation (WMI) Pentest Cheat Sheet.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Scanning/Windows Management Instrumentation (WMI) Pentest Cheat Sheet.md -------------------------------------------------------------------------------- /Guides/Power Commands/Text Processing/Parsing for Pentesters - F’Awk Yeah! Advanced sed and awk Usage (Parsing for Pentesters 3) _ by Jeff Dimmock _ Posts By SpecterOps Team Members.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Text Processing/Parsing for Pentesters - F’Awk Yeah! Advanced sed and awk Usage (Parsing for Pentesters 3) _ by Jeff Dimmock _ Posts By SpecterOps Team Members.pdf -------------------------------------------------------------------------------- /Guides/Power Commands/Text Processing/Text_Processing_and_Shell_Operations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Text Processing/Text_Processing_and_Shell_Operations.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/CORS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/CORS.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/CSRF.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/CSRF.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/HTML.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/HTML.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/PathTraversal.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/PathTraversal.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/README.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/SQL_injection_payloads.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/SQL_injection_payloads.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/SSRF_bypassFilters.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/SSRF_bypassFilters.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/WebApp-ExploitsChecklist.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/WebApp-ExploitsChecklist.pdf -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/XSS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/XSS.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/XSS_contexts.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/XSS_contexts.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/injection_fundamentals.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/injection_fundamentals.md -------------------------------------------------------------------------------- /Guides/Power Commands/Web Applications/web_hacking_example_workflow.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/Power Commands/Web Applications/web_hacking_example_workflow.md -------------------------------------------------------------------------------- /Guides/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Guides/README.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/README.md -------------------------------------------------------------------------------- /Tools/Reset-DockerWslIntegration.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/Reset-DockerWslIntegration.ps1 -------------------------------------------------------------------------------- /Tools/directory_visualizer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/directory_visualizer.py -------------------------------------------------------------------------------- /Tools/extract_video_audio.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/extract_video_audio.py -------------------------------------------------------------------------------- /Tools/firewall_rules.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/firewall_rules.py -------------------------------------------------------------------------------- /Tools/hashfile_validator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/hashfile_validator.py -------------------------------------------------------------------------------- /Tools/regex_generator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/regex_generator.py -------------------------------------------------------------------------------- /Tools/repository_visualizer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/repository_visualizer.py -------------------------------------------------------------------------------- /Tools/sumrecon.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/Tools/sumrecon.sh -------------------------------------------------------------------------------- /index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Daethyra/Pentest-References/HEAD/index.html --------------------------------------------------------------------------------