Kr0wZ / pentest-cheatsheet
My tips (for myself) when doing pentest, box and challenges
β14Updated 3 years ago
Alternatives and similar repositories for pentest-cheatsheet:
Users that are interested in pentest-cheatsheet are comparing it to the libraries listed below
- LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.β107Updated 4 months ago
- Generate common Reverse Shells for Pentestingβ41Updated 3 years ago
- π€ The Modern Port Scanner π€β18Updated 3 years ago
- Have you ever faced with the lack of possibility of using NMap? For instance if you have reverse shell as an unprivileged user and there β¦β43Updated 2 years ago
- Automatic & lightning fast wordpress vulnerability scannerβ45Updated 3 years ago
- A Powerfull BUG HUNTING TOOL. Supports SQL, XSS, PHP code execution, SSRF,.... I had Appended My Own Payloads which I had founded during β¦β51Updated 3 years ago
- π Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.shβ34Updated 2 years ago
- Simple python OSINT tool for urls recon thanks to the waybackmachine.β40Updated last year
- Hackfruit is an easy search tool that finds hacking tools, commands and cheat sheets. It helps cybersecurity learing and trainings, CTFs,β¦β21Updated 2 years ago
- This script was developed to track progress for reporting (capture screenshot, commands and outputs) during pentest engagement and OSCP.β73Updated 4 years ago
- An OSINT focused tool made with Nodejs!β92Updated 2 years ago
- Subdomain Bruteforce - Bounty Quick Codeβ30Updated 7 months ago
- β27Updated 2 years ago
- A collection of various capture the flag event write-ups and anomaliesβ40Updated 5 years ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate dataβ55Updated last year
- Scripts, POCs & bullshitβ28Updated 2 months ago
- Bash script to generate reverse shell payloadsβ19Updated last year
- This demonstration video shows how we can control the victim's device by sending the innocent-looking PDF file to the target which actualβ¦β60Updated 3 years ago
- A 1 Liner SQL Injection Attack using SQLMAP and various parameters that helps quickly check for a vulnerabilities during Bug Bountyβ39Updated 7 months ago
- Pentest/Red Team: Resources, repos and scripts.β68Updated last week
- Repository to put my notes related to OSCP certificationβ19Updated 5 years ago
- WhatMail is a command-line tool that analyzes the header of an email and provides detailed information about various fields.β133Updated last year
- Searchsploit alternative. It differs in that it uses searchengines, can run unattended in the background, plays well with nmap and is ablβ¦β17Updated 4 years ago
- Generate email permutations from a name and verify if this email exist with different providers (gmail, duckduckgo, yahoo, yandex)β41Updated 2 months ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228β25Updated 3 years ago
- Simple Bash Script For Collecting Wordpress Usernameβ22Updated 4 years ago
- Web Hacking Cheat Sheet for Recon | Attacks | Tools & Resourcesβ22Updated 4 years ago
- Run search-that-hash from Google colab with fast offline (hashcat) modeβ35Updated 3 years ago
- Collection of extra pentest tools for Kali Linuxβ104Updated last year
- Goblyn is a Python tool focused to enumeration and capture of website files metadata.β71Updated 3 years ago