Skip to content

This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-ups, tools, techniques, programming/scripting notes, and more. I documented them in this repo to provide like-minded offensive security enthusiasts and professionals easy access to these valuable resources.

License

Notifications You must be signed in to change notification settings

Sh4d0wx0x5F/Pentest-Resources-Cheat-Sheets

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 

Repository files navigation

📚 Pentest-Resources

A curated list of websites and github repos with pentest cheatsheets, tools, techniques, CTF write-ups, and programming languages.

The goal of this project is to centralize pertinent and most used pentest/redteam cheatsheets, techniques, tools, and write-ups for like-minded offensive security enthusiasts and professionals.

Name Author(s) / Maintainer(s) Description Link Type
HackTricks Carlos Polop A website featuring curated hacking tricks, techniques, and methodologies, spanning from network penetration testing to web penetration testing. Link Pentest cheatsheats
Red Team Notes Mantvydas Baranauskas A list of red teaming and penetration testing notes on various tools and techniques utilized by penetration testers, red teams, and real adversaries. Link Red team/Pentest notes
Gtfobins Emilio Pinna, Andrea Cardaci A curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems. Link Unix binaries
LOLBAS Oddvar Moe Contains a list of Windows binaries, scripts, and libraries that can be used for executing codes, Compiling code, UAC bypass, Persistance, etc Link Windows binaries/scripts
0xBEN Benjamin H. 0xBEN's blog featuring cybersecurity/IT resources, cheat sheets, and write-ups. Link Cybersecurity/IT blog
IppSec IppSec IppSec's website that helps streamline your search for his YouTube videos and courses on HTB walkthroughs and techniques Link CTF (HTB) videos
0xdf hacks stuff 0xdf 0xdf's website with detailed write-ups on HTB machines Link CTF (HTB) write-ups
Goal Kicker Unknown Provides free exceptional programming notes covering 49 different types of programming languages, including scripting languages such as python and powershell Link Programming/Scripting language notes
The Hacker Recipes Charlie Bromberg Provides technical guides on various hacking topics as well as advanced topics such as Active Directory and Web services. Link Ethical Hacking guide
harmj0y harmj0y harmj0y's blog covering security researches and attacks on active directory. Link Offsec/Active Directory resource
CyberChef GCHQ A web app for encryption, encoding, compression and data analysis Link Web based security analysis tool
Payloads All The Things Swissky A list of useful payloads and bypass for Web Application Security and Pentest/CTF Link Web App payloads/cheatsheets
SecLists Daniel Miessler, Jason Haddix, g0tmi1k A collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. Link Wordlists
Assetnote Wordlists Assetnote The website provides wordlists that are up to date and effective against the most popular technologies on the internet. Link Wordlists
Speed Guide SG Staff The site offers free network tools and covers Broadband Internet connections, network security, wireless and system performance. A large section focuses on Cable Modems and DSL technology, stressing on improving TCP/IP performance over high speed/latency networks. Link Network/Security resource
pentestmonkey pentestmonkey Contains pentest blogs, tools, and cheatsheets Link Pentest cheatsheets
Awesome Hacker Search Engines Edoardo Ottavianelli A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more. Link Pentest search engines
HackTools Ludovic COULON, Riadh BOUCHAHOUA A web extension facilitating web application penetration tests, it includes cheatsheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. Link Web App tool/cheatsheet
NetSPI Blog NetSPI A blog on various Pentest, Red Team, General Offsec focused topics. Link Pentest/Red Team in depth
Hacking Articles Raj Chandel - Founder and Others Detailed and Summarised articles on various Pentest and Red Team topics, Offsec Tools and CTF writeups Link Detailed Pentest/Red Team Blog
PortSwigger Web Security Academy PortSwigger An academy with lessons and hands on lab to learn WebApp Pentesting Link WebApp Security Lessons & Labs
Juggernaut Pentesting Academy Juggernaut Extensive blog on General Offsec, Read Teaming and Pentesting Topics Link Pentest, Red Team, Offsec Topics
Hackersploit Hackersploit Video content on Red Team, Blue Team, Android Sec, CTF Writeup, Bug Bounty Link Red/Blue Team, Webapp, Android, Bug Bounty

⭐ Contributing

Contributions are welcomed. This list is not exhaustive, and I might have missed other pertinent resources. Therefore, feel free to add useful pentest/redteam resources to the list. The resources could be for pentesting tools, techniques, cheatsheets, write-ups, blogs, payloads, and wordlists.

I appreciate your contributions to Pentest-Resources-Cheat-Sheets and look forward to working together to improve this project!

How to Contribute

  1. Fork the Repository: Start by forking the Pentest-Resources-Cheat-Sheets repository to your GitHub account. You can do this by clicking the "Fork" button on the top right of the repository page.

  2. Clone the Repository: Clone your forked repository to your local machine using the following command, replacing /bL34cHig0/ with your GitHub username and your-feature-name with your desired name:

    git clone https://github.com/bL34cHig0/Pentest-Resources-Cheat-Sheets.git
    
  3. Create a Branch: Before making changes, create a new branch for your work:

    git checkout -b feature/your-feature-name
    

    Be sure to choose an appropriate branch name that describes the purpose of your changes.

  4. Make Your Changes: Make your desired changes to the list and follow the format.

  5. Commit Your Changes: Commit your changes with clear and concise commit messages:

    git commit -m "Add feature/fix: describe your changes here"
    
  6. Push Your Changes: Push your changes to your forked repository:

    git push origin feature/your-feature-name
    
  7. Submit a Pull Request (PR): Go to the original repository and click the "New Pull Request" button. Provide a detailed description of your changes, why they are necessary, and any relevant context.

Reporting Issues

If you would like to discuss improvements, please open an issue on the GitHub repository or reach out to me via LinkedIn

Note

Some of these websites and github repos are open-source. Contributors not mentioned are credited on each projects' official page.

About

This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-ups, tools, techniques, programming/scripting notes, and more. I documented them in this repo to provide like-minded offensive security enthusiasts and professionals easy access to these valuable resources.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published