A cheatsheet I made while taking OSCP+/PEN-200 in 2024-2025
☆45Apr 1, 2025Updated last year
Alternatives and similar repositories for oscp-cheatsheet
Users that are interested in oscp-cheatsheet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing o…☆12Apr 26, 2023Updated 3 years ago
- 紫菜鱼的网�络安全扫描器☆11Dec 19, 2023Updated 2 years ago
- 目前通过自学已经取得 OSCP(Offensive Security Certified Professional)证书,本项目用于记录、分享、交流。☆12Aug 16, 2022Updated 3 years ago
- php webshell bypass D盾、safedog、360、火绒等,仅支持php7☆18Aug 25, 2025Updated 9 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A JavaFX version of the current checkbox in iOS☆11May 24, 2018Updated 8 years ago
- useful stuff for pentesting☆55Mar 18, 2025Updated last year
- Comprehensive MCP server for bug bounty hunting and web application penetration testing☆35Sep 13, 2025Updated 9 months ago
- Weaponized VSCode Extensions☆19May 7, 2026Updated last month
- 修改Bug后的ParamSpider,方便各位师傅使用☆13Nov 13, 2024Updated last year
- ☆13Updated this week
- ☆20Apr 27, 2026Updated last month
- 🛝 Transforms any RCE into a functional dumb shell. Designed for constrained environments (e.g., firewalls) where traditional reverse she…☆15Jun 4, 2026Updated last week
- ☆92May 29, 2026Updated 2 weeks ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- QQ登录页面诱导工具,用于获取用户手机号。基于Nuxt4 + Vue3构建,支持全屏网页嵌入、登录窗口弹出和数据管理。☆11Jan 14, 2026Updated 5 months ago
- A command-line tool for interacting with HackMyVM, supporting machine listing, downloading, and flag submission with session persistence.☆17Jan 18, 2026Updated 4 months ago
- A Burp extension to Fuzz URLs for HTTP parser inconsistencies☆15Jan 9, 2024Updated 2 years ago
- Easy recon tool for OSCP and HTB☆10Aug 8, 2024Updated last year
- 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell co…☆11Oct 18, 2023Updated 2 years ago
- I created this to dump challenge for CTF that I participated☆12May 26, 2023Updated 3 years ago
- Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.☆16Jul 17, 2025Updated 10 months ago
- linux 的美化和配置☆17Oct 24, 2022Updated 3 years ago
- A collection of study notes and resources for the Offensive Security Certified Professional (OSCP) certification exam. Includes summaries…☆68Nov 15, 2025Updated 7 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Ini adalah kumpulan webshell atau backdoor yang lengkap☆18Aug 18, 2024Updated last year
- 一款基于 AI 大模型的 WebShell 自动生成工具,支持自动迭代优化,集成河马查杀和阿里云伏魔平台检测。☆17Feb 5, 2026Updated 4 months ago
- [Mirror] thc.org uses a CA that is not trusted on a base Arch system so we are mirroring some source here.☆15Nov 9, 2013Updated 12 years ago
- AI modular structure that provides automation-based attack and penetration☆14May 10, 2024Updated 2 years ago
- Web Crawler for Identifying Entry Points☆11Mar 26, 2024Updated 2 years ago
- A little JavaFX TimeControl that was inspired by Apple's sleep timer in iOS 10☆14Apr 18, 2017Updated 9 years ago
- regex Hunter- Fast website endpoint sensitive data and Leaks JS files endpoint API Key Scraper☆15Jun 8, 2024Updated 2 years ago
- OSCP Notes☆20Aug 14, 2022Updated 3 years ago
- ☆15May 2, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- SQL Detector Tool In Go Language☆22Jan 10, 2023Updated 3 years ago
- Image Payload Creating/Injecting tools☆13Jun 6, 2021Updated 5 years ago
- Python default webserver as an windows executable☆18Jan 20, 2018Updated 8 years ago
- PoCs of (outdated) privilege escalation vulnerability☆12Dec 31, 2024Updated last year
- A Checklist for Offsec PEN-200 EXAM OSCP+ 2024☆69Oct 31, 2024Updated last year
- 学习kali的一些书籍资料--入门指南☆18Aug 8, 2022Updated 3 years ago
- CommandInWiFi: Exploiting SSID Storage in WiFi Scanning for Command Injection☆43May 18, 2026Updated 3 weeks ago