开源软件名称: OlivierLaflamme/Cheatsheet-God开源软件地址: https://github.com/OlivierLaflamme/Cheatsheet-God开源编程语言: 开源软件介绍:
+ UPDATE: Added my huge link of bookmarks / references ❤️ Do you have a million bookmarks saved? Do all of those bookmarks contain unique information? Github repos starred for later?
Well this is a compilation of all of these resources into a single repo known as Cheatsheet-God . No more need for bookmarked links. No need to open a web browser. Its all here for you.
This is a collection of resources, scripts and easy to follow how-to's. I have been gathering (and continuing to gather) in preparation for the OSCP as well as for general pentesting. Feel free to use however you want!
All contributions are welcomed! If you feel like you can contribute and make these documents more complete, please do! I'll acknowledge you.
Here's what you do:
Create Issue Request describing your enhancement
Fork this repository
Push some code to your fork
Come back to this repository and open a PR
After some review, get that PR merged to master
Make sure to update Issue Request so that I can credit you! You ROCK!
Feel free to also open an issue with any questions, help wanted, or requests!
Inspiration: Making a cheatsheet god would be proud of using.
Hat tip to anyone who ever contributed
-> Much thanks to MrTsRex for Cheatsheet_Windows.txt enumerating Windows version vulnerabilities
-> Much thanks to susmithaaa for his contribution to Cheatsheet_PenTesting.txt password attacks section
-> Much thanks to akshaycbor for his contribution to Cheatsheet_MobileAppTesting.txt regarding apk repackaging instructions
A_Can_Of_Tuna
Hack The Box Attack Defense 1000+ Labs! VulnHub Root.me Penetration Testing Practice Lab / Vulnerable Apps/Systems Vulhub Vulapps Vulnspy Upload-Labs TryHackMe
https://scriptkidd1e.wordpress.com/oscp-journey/ http://www.securitysift.com/offsec-pwb-oscp/ http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/ http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html http://hackingandsecurity.blogspot.com Http://carnal0wnage.blogspot.com/ Http://www.mcgrewsecurity.com/ Http://www.gnucitizen.org/blog/ Http://www.darknet.org.uk/ Http://spylogic.net/ Http://taosecurity.blogspot.com/ Http://www.room362.com/ Http://blog.sipvicious.org/ Http://blog.portswigger.net/ Http://pentestmonkey.net/blog/ Http://jeremiahgrossman.blogspot.com/ Http://i8jesus.com/ Http://blog.c22.cc/ Http://www.skullsecurity.org/blog/ Http://blog.metasploit.com/ Http://www.darkoperator.com/ Http://blog.skeptikal.org/ Http://preachsecurity.blogspot.com/ Http://www.tssci-security.com/ Http://www.gdssecurity.com/l/b/ Http://websec.wordpress.com/ Http://bernardodamele.blogspot.com/ Http://laramies.blogspot.com/ Http://www.spylogic.net/ Http://blog.andlabs.org/ Http://xs-sniper.com/blog/ Http://www.commonexploits.com/ Http://www.sensepost.com/blog/ Http://wepma.blogspot.com/ Http://exploit.co.il/ Http://securityreliks.wordpress.com/ Http://www.madirish.net/index.html Http://sirdarckcat.blogspot.com/ Http://reusablesec.blogspot.com/ Http://myne-us.blogspot.com/ Http://www.notsosecure.com/ Http://blog.spiderlabs.com/ Http://www.corelan.be/ Http://www.digininja.org/ Http://www.pauldotcom.com/ Http://www.attackvector.org/ Http://deviating.net/ Http://www.alphaonelabs.com/ Http://www.smashingpasswords.com/ Http://wirewatcher.wordpress.com/ Http://gynvael.coldwind.pl/ Http://www.nullthreat.net/ Http://www.question-defense.com/ Http://archangelamael.blogspot.com/ Http://memset.wordpress.com/ Http://sickness.tor.hu/ Http://punter-infosec.com/ Http://www.securityninja.co.uk/ Http://securityandrisk.blogspot.com/ Http://esploit.blogspot.com/ Http://www.pentestit.com/
Http://sla.ckers.org/forum/index.php Http://www.ethicalhacker.net/ Http://www.backtrack-linux.org/forums/ Http://www.elitehackers.info/forums/ Http://www.hackthissite.org/forums/index.php Http://securityoverride.com/forum/index.php Http://www.iexploit.org/ Http://bright-shadows.net/ Http://www.governmentsecurity.org/forum/ Http://forum.intern0t.net/
Http://www.net-security.org/insecuremag.php Http://hakin9.org/
Http://www.hackernews.com/ Http://www.securitytube.net/ Http://www.irongeek.com/i.php?page=videos/aide-winter-2011 Http://avondale.good.net/dl/bd/ Http://achtbaan.nikhef.nl/27c3-stream/releases/mkv/ http://www.youtube.com/user/ChRiStIaAn008 http://www.youtube.com/user/HackingCons https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A https://www.youtube.com/channel/UCFmjA6dnjv-phqrFACyI8tw https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w https://www.youtube.com/user/RootOfTheNull https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html http://www.pentest-standard.org/index.php/Main_Page http://projects.webappsec.org/w/page/13246978/Threat-Classification http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project Http://www.social-engineer.org/
Http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-1-social-networks/ http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-%E2%80%93-part-2-blogs-message-boards-and-metadata/ Http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-3-monitoring/ http://www.slideshare.net/Laramies/tactical-information-gathering Http://www.sans.org/reading_room/whitepapers/privacy/document_metadata_the_silent_killer__32974 Http://infond.blogspot.com/2010/05/toturial-footprinting.html
Http://www.spokeo.com/ Http://www.123people.com/ Http://www.xing.com/ Http://www.zoominfo.com/search Http://pipl.com/ Http://www.zabasearch.com/ Http://www.searchbug.com/default.aspx Http://theultimates.com/ Http://skipease.com/ Http://addictomatic.com/ Http://socialmention.com/ Http://entitycube.research.microsoft.com/ Http://www.yasni.com/ Http://tweepz.com/ Http://tweepsearch.com/ Http://www.glassdoor.com/index.htm Http://www.jigsaw.com/ http://searchwww.sec.gov/EDGARFSClient/jsp/EDGAR_MainAccess.jsp Http://www.tineye.com/ Http://www.peekyou.com/ Http://picfog.com/ Http://twapperkeeper.com/index.php
Http://uptime.netcraft.com/ Http://www.serversniff.net/ Http://www.domaintools.com/ Http://centralops.net/co/ Http://hackerfantastic.com/ Http://whois.webhosting.info/ Https://www.ssllabs.com/ssldb/analyze.html Http://www.clez.net/ Http://www.my-ip-neighbors.com/ Http://www.shodanhq.com/ Http://www.exploit-db.com/google-dorks/ Http://www.hackersforcharity.org/ghdb/ Http://www.exploit-db.com/ Http://www.cvedetails.com/ Http://www.packetstormsecurity.org/ http://www.securityforest.com/wiki/index.php/Main_Page Http://www.securityfocus.com/bid Http://nvd.nist.gov/ Http://osvdb.org/ http://www.nullbyte.org.il/Index.html Http://secdocs.lonerunners.net/ http://www.phenoelit-us.org/whatSAP/index.html Http://secunia.com/ Http://cve.mitre.org/ Http://www.cheat-sheets.org/ Http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/
Http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/ Http://blog.commandlinekungfu.com/ Http://www.securityaegis.com/simple-yet-effective-directory-bruteforcing/ Http://isc.sans.edu/diary.html?storyid=2376 Http://isc.sans.edu/diary.html?storyid=1229 Http://ss64.com/nt/ Http://pauldotcom.com/2010/02/running-a-command-on-every-mac.html Http://synjunkie.blogspot.com/2008/03/command-line-ninjitsu.html Http://www.zonbi.org/2010/06/09/wmic-the-other-other-white-meat/ Http://rstcenter.com/forum/22324-hacking-without-tools-windows.rst http://www.coresecurity.com/files/attachments/Core_Define_and_Win_Cmd_Line.pdf http://www.scribd.com/Penetration-Testing-Ninjitsu2-Infrastructure-and-Netcat-without-Netcat/d/3064507 Http://www.pentesterscripting.com/ Http://www.sans.org/reading_room/whitepapers/hackers/windows-script-host-hack-windows_33583 http://www.blackhat.com/presentations/bh-dc-10/Bannedit/BlackHat-DC-2010-Bannedit-Advanced-Command-Injection-Exploitation-1-wp.pdf
http://en.wikipedia.org/wiki/IPv4_subnetting_reference Http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/ Http://shelldorado.com/shelltips/beginner.html Http://www.linuxsurvival.com/ http://mywiki.wooledge.org/BashPitfalls Http://rubular.com/ Http://www.iana.org/assignments/port-numbers Http://www.robvanderwoude.com/ntadmincommands.php Http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/
Http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf Http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html Http://h.ackack.net/cheat-sheets/netcat
Http://www.backtrack-linux.org/ Http://www.matriux.com/ Http://samurai.inguardians.com/ http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project Https://pentoo.ch/ Http://www.hackfromacave.com/articles_and_adventures/katana_v2_release.html Http://www.piotrbania.com/all/kon-boot/ Http://www.linuxfromscratch.org/ Http://sumolinux.suntzudata.com/ Http://blog.0x0e.org/2009/11/20/pentesting-with-an-ubuntu-box/#comments Http://www.backbox.org/
Http://sourceforge.net/projects/websecuritydojo/ http://code.google.com/p/owaspbwa/wiki/ProjectSummary Http://heorot.net/livecds/ Http://informatica.uv.es/~carlos/docencia/netinvm/ Http://www.bonsai-sec.com/en/research/moth.php Http://blog.metasploit.com/2010/05/introducing-metasploitable.html Http://pynstrom.net/holynix.php Http://gnacktrack.co.uk/download.php Http://sourceforge.net/projects/lampsecurity/files/ Https://www.hacking-lab.com/news/newspage/livecd-v4.3-available.html Http://sourceforge.net/projects/virtualhacking/files/ Http://www.badstore.net/ Http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 Http://www.dvwa.co.uk/ Http://sourceforge.net/projects/thebutterflytmp/
Http://www.oldapps.com/ Http://www.oldversion.com/ Http://www.exploit-db.com/webapps/ Http://code.google.com/p/wavsep/downloads/list http://www.owasp.org/index.php/Owasp_SiteGenerator Http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx Http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx Http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx Http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
Http://www.webscantest.com/ http://crackme.cenzic.com/Kelev/view/home.php http://zero.webappsecurity.com/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Http://testaspnet.vulnweb.com/ Http://testasp.vulnweb.com/ Http://testphp.vulnweb.com/ Http://demo.testfire.net/ Http://hackme.ntobjectives.com/
Http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html Http://www.mgraziano.info/docs/stsi2010.pdf Http://www.abysssec.com/blog/2010/05/past-present-future-of-windows-exploitation/ Http://www.ethicalhacker.net/content/view/122/2/ http://code.google.com/p/it-sec-catalog/wiki/Exploitation Http://x9090.blogspot.com/2010/03/tutorial-exploit-writting-tutorial-from.html Http://ref.x86asm.net/index.html
http://www.woodmann.com/TiGa/idaseries.html Http://www.binary-auditing.com/ Http://visi.kenshoto.com/ Http://www.radare.org/y/ Http://www.offensivecomputing.net/
Http://www.irongeek.com/i.php?page=videos/password-exploitation-class Http://cirt.net/passwords Http://sinbadsecurity.blogspot.com/2008/10/ms-sql-server-password-recovery.html Http://www.foofus.net/~jmk/medusa/medusa-smbnt.html Http://www.foofus.net/?page_id=63 Http://hashcrack.blogspot.com/ Http://www.nirsoft.net/articles/saved_password_location.html Http://www.onlinehashcrack.com/ Http://www.md5this.com/list.php ?Http://www.virus.org/default-password Http://www.phenoelit-us.org/dpl/dpl.html Http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html
Http://contest.korelogic.com/wordlists.html http://packetstormsecurity.org/Crackers/wordlists/ http://www.skullsecurity.org/wiki/index.php/Passwords Http://www.ericheitzman.com/passwd/passwords/
Http://www.sans.org/reading_room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation_33283 Http://www.sans.org/reading_room/whitepapers/testing/crack-pass-hash_33219 Http://carnal0wnage.blogspot.com/2008/03/using-pash-hash-toolkit.html
Http://www.giac.org/certified_professionals/practicals/gsec/0810.php http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf Http://www.cs.uiuc.edu/class/sp08/cs498sh/slides/dsniff.pdf Http://www.techvibes.com/blog/a-hackers-story-let-me-tell-you-just-how-easily-i-can-steal-your-personal-data http://www.mindcenter.net/uploads/ECCE101.pdf Http://toorcon.org/pres12/3.pdf http://media.techtarget.com/searchUnifiedCommunications/downloads/Seven_Deadliest_UC_Attacks_Ch3.pdf Http://packetstormsecurity.org/papers/wireless/cracking-air.pdf Http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf http://www.oact.inaf.it/ws-ssri/Costa.pdf Http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-sam_bowne-hijacking_web_2.0.pdf http://mcafeeseminar.com/focus/downloads/Live_Hacking.pdf http://www.seanobriain.com/docs/PasstheParcel-MITMGuide.pdf http://www.more.net/sites/default/files/2010JohnStrandKeynote.pdf http://www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista/18.Ettercap_Spoof.pdf http://bandwidthco.com/whitepapers/netforensics/arp/EtterCap%20ARP%20Spoofing%20&%20Beyond.pdf http://bandwidthco.com/whitepapers/netforensics/arp/Fun%20With%20EtterCap%20Filters.pdf http://www.iac.iastate.edu/iasg/libarchive/0910/The_Magic_of_Ettercap/The_Magic_of_Ettercap.pdf Http://articles.manugarg.com/arp_spoofing.pdf http://academy.delmar.edu/Courses/ITSY2430/eBooks/Ettercap(ManInTheMiddleAttack-tool).pdf http://www.ucci.it/docs/ICTSecurity-2004-26.pdf http://web.mac.com/opticrealm/iWeb/asurobot/My%20Cyber%20Attack%20Papers/My%20Cyber%20Attack%20Papers_files/ettercap_Nov_6_2005-1.pdf Http://blog.spiderlabs.com/2010/12/thicknet.html Http://www.hackyeah.com/2010/10/ettercap-filters-with-metasploit-browser_autopwn/ Http://www.go4expert.com/forums/showthread.php?t=11842 Http://www.irongeek.com/i.php?page=security/ettercapfilter Http://openmaniak.com/ettercap_filter.php Http://www.irongeek.com/i.php?page=videos/dns-spoofing-with-ettercap-pharming Http://www.irongeek.com/i.php?page=videos/ettercap-plugins-find-ip-gw-discover-isolate Http://www.irongeek.com/i.php?page=videos/ettercapfiltervid1 Http://spareclockcycles.org/2010/06/10/sergio-proxy-released/
http://www.edge-security.com/theHarvester.php Http://www.mavetju.org/unix/dnstracer-man.php Http://www.paterva.com/web5/
Http://www.sans.org/reading_room/whitepapers/privacy/document-metadata-silent-killer_32974 Http://lcamtuf.coredump.cx/strikeout/ Http://www.sno.phy.queensu.ca/~phil/exiftool/ Http://www.edge-security.com/metagoofil.php Http://www.darkoperator.com/blog/2009/4/24/metadata-enumeration-with-foca.html
Http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/ Http://midnightresearch.com/projects/search-engine-assessment-tool/#downloads Http://sqid.rubyforge.org/#next http://voidnetwork.org/5ynL0rd/darkc0de/python_script/dorkScan.html
Http://www.bindshell.net/tools/beef Http://blindelephant.sourceforge.net/ Http://xsser.sourceforge.net/ Http://sourceforge.net/projects/rips-scanner/ Http://www.divineinvasion.net/authforce/ Http://andlabs.org/tools.html#sotf
六六分期app的软件客服如何联系?不知道吗?加qq群【895510560】即可!标题:六六分期
阅读:18031| 2023-10-27
今天小编告诉大家如何处理win10系统火狐flash插件总是崩溃的问题,可能很多用户都不知
阅读:9595| 2022-11-06
今天小编告诉大家如何对win10系统删除桌面回收站图标进行设置,可能很多用户都不知道
阅读:8141| 2022-11-06
今天小编告诉大家如何对win10系统电脑设置节能降温的设置方法,想必大家都遇到过需要
阅读:8522| 2022-11-06
我们在使用xp系统的过程中,经常需要对xp系统无线网络安装向导设置进行设置,可能很多
阅读:8425| 2022-11-06
今天小编告诉大家如何处理win7系统玩cf老是与主机连接不稳定的问题,可能很多用户都不
阅读:9332| 2022-11-06
电脑对日常生活的重要性小编就不多说了,可是一旦碰到win7系统设置cf烟雾头的问题,很
阅读:8390| 2022-11-06
我们在日常使用电脑的时候,有的小伙伴们可能在打开应用的时候会遇见提示应用程序无法
阅读:7826| 2022-11-06
今天小编告诉大家如何对win7系统打开vcf文件进行设置,可能很多用户都不知道怎么对win
阅读:8379| 2022-11-06
今天小编告诉大家如何对win10系统s4开启USB调试模式进行设置,可能很多用户都不知道怎
阅读:7372| 2022-11-06
客服电话
APP下载
官方微信
请发表评论