🧿 Post-Exploitation

• Awesome Windows Post Exploitation - Collection of resources for Windows Post-Exploitation
• HackTricks - Post Exploitation - HackTricks Collection of Post-Exploitation

🗝 Privilege Escalation

• Windows / Linux Local Privilege Escalation Workshop - The Privilege Escalation Workshop covers all known (at the time) attack vectors of local user privilege escalation on both Linux and Windows operating systems and includes slides, videos, test VMs.
• Linux_Exploit_Suggester.pl v2 - Next-generation exploit suggester based on Linux_Exploit_Suggester (updated)
• Linux Soft Exploit Suggester - linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities
• Basic Linux Privilege Escalation - Linux Privilege Escalation by [@g0tmi1k](https://twitter.com/g0tmi1k)
• PowerUp - Excellent powershell script for checking of common Windows privilege escalation vectors. Written by [harmj0y](https://twitter.com/harmj0y) [(direct link)](https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Privesc/PowerUp.ps1)
• PowerUp Cheat Sheet

🎯 Exploitation

• SQLite3 Injection Cheat Sheet

Privilege Escalation

• linux-exploit-suggester.sh - Linux privilege escalation auditing tool written in bash (updated).
• checksec.sh - Bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source).
• LinEnum - This tool is great at running through a heap of things you should check on a Linux system in the post exploit process. This include file permissions, cron jobs if visible, weak credentials etc.(@Rebootuser).
• linPEAS - LinPEAS - Linux Privilege Escalation Awesome Script. Check the Local Linux Privilege Escalation checklist from [book.hacktricks.xyz](https://book.hacktricks.xyz).
• MimiPenguin - A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. .
• Windows Exploit Suggester - Tool for detection of missing security patches on the windows operating system and mapping with the public available exploits.
• Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
• Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities.
• Precompiled Windows Exploits - Collection of precompiled Windows exploits.
• Metasploit Modules

Exploitation

• PowerView 2.0 Tricks
• PowerView 3.0 Tricks
• PHP htaccess Injection Cheat Sheet - PHP htaccess Injection Cheat Sheet by PHP Secure Configuration Checker.
• Empire Cheat Sheet - [Empire](http://www.powershellempire.com) is a PowerShell and Python post-exploitation framework.
• Java Deserialization Cheat Sheet - A cheat sheet for pentesters about Java Native Binary Deserialization vulnerabilities.
• Local File Inclusion (LFI) Cheat Sheet #1 - Arr0way's LFI Cheat Sheet.
• Local File Inclusion (LFI) Cheat Sheet #2 - Aptive's LFI Cheat Sheet.
• Metasploit Cheat Sheet - A quick reference guide [(PNG version)](docs/Metasploit-CheatSheet.png)[(PDF version)](docs/Metasploit-CheatSheet.pdf).
• PowerSploit Cheat Sheet - [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) is a powershell post-exploitation framework.

Azure

Discovery

• Censys - Similar to shodan, search engine for specific devices including IoT.
• Google Dorks - Google Dorks Hacking Database (Exploit-DB).
• ZoomEye - Zoomeye is a Cyberspace Search Engine recording information of devices, websites, services and components etc.
• Amass - OWASP Network mapping of attack surfaces and external asset discovery using open source information.

Enumeration

• 0xdf - SMB Enumeration - 0xdf's SMB Enumeration Cheat Sheet.
• CrackMapExec Cheatsheet - Cheat sheet for CrackMapExec (CME).
• enum4linux-ng - Python tool for enumerating information from Windows/Samba systems.
• OSCP Enumeration Cheat sheet - Cheat sheet for Enumeration for OSCP Certificate.

Privilege Escalation

• OWASP Web Security Testing Guide
• Awesome Web Hacking - Collection of resources for Web Pentesting #1.

Privilege Escalation

• Vulnhub.com - Vulnerable By Design VMs for practical 'hands-on' experience in digital security.
• Damn Vulnerable Xebia Training Environment - Docker Container including several vurnerable web applications (DVWA,DVWServices, DVWSockets, WebGoat, Juiceshop, Railsgoat, django.NV, Buggy Bank, Mutilidae II and more).
• Vulnerable Flask Web App - Vulnerable Flask Web App lab environment.

🗝 Privilege Escalation

• TryHackMe - Free online platform for learning cyber security & penetration testing

Privilege Escalation

• Awesome BugBounty Tools - A curated list of various bug bounty tools.
• bug-bounty-platforms - Open-Sourced Collection of Bug Bounty Platforms.
• m0chan - Bug Bounty Methodology - m0chan's Bug Bounty Methodology Collection.
• NahamSec - Resources for Beginners - NahamSec's Resources for Beginner Bug Bounty Hunters Collection.
• AllAboutBugBounty - BugBounty notes gathered from various sources.
• Bug-Bounty-Resources - Collection of Bug Bounty Resources #1.
• Bug-Bounty-Resources - Collection of Bug Bounty Resources #2.

Tools Online

• XSS'OR Encoder/Decoder - Online Decoder/Encoder for testing purposes (@evilcos).
• Hackvertor - Tool to convert various encodings and generate attack vectors (@garethheyes).
• XSS'OR Encoder/Decoder - Online Decoder/Encoder for testing purposes (@evilcos)
• WebGun - WebGun, XSS Payload Creator (@brutelogic)
• revshells.com - Reverse shell payload generator ([Source code](https://github.com/0dayCTF/reverse-shell-generator))
• Segfault - Segfault: Free disposable root servers (by [@THC](https://www.thc.org/))
• suip.biz - Various free online pentesting tools like nmap, wpscan, sqlmap (...)
• revshells.com - Reverse shell payload generator ([Source code](https://github.com/0dayCTF/reverse-shell-generator)).
• suip.biz - Various free online pentesting tools like nmap, wpscan, sqlmap.

Payloads

• Fuzzdb - Dictionary of attack patterns and primitives for black-box application testing Polyglot Challenge with submitted solutions.
• SecList - A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

Write-Ups

• Bug Bounty Reference - Huge list of bug bounty write-up that is categorized by the bug type (SQLi, XSS, IDOR, etc.).
• Write-Ups for CTF challenges

Wireless Hacking

• wifite2 - Full automated WiFi security testing script .

Defence Topics

• Windows Domain Hardening - A curated list of awesome Security Hardening techniques for Windows.
• Docker Security Cheat Sheet - The following tips should help you to secure a container based system [(PDF version)](docs/DockerCheatSheet.pdf)

Programming

• JavaScript Cheat Sheet - Learn JavaScript in one picture [(Online version)](https://git.io/Js-pic) [(PNG version)](docs/js-in-one-pic.png).
• Python Cheat Sheet #1 - Learn python3 in one picture [(PNG version)](docs/python-3-in-one-pic.png).
• Python Cheat Sheet #2 - Learn python3 in one picture [Online version](https://git.io/Coo-py3) [PNG version](docs/py3-in-one-pic.png).

Tools

• SQLmap Tamper Scripts - SQLmap Tamper Scripts General/MSSQL/MySQL
• VIM Cheatsheet

🗝 Privilege Escalation

• m0chan - Bug Bounty Methodology - m0chan's Bug Bounty Methodology Collection
• Ryan John Bug Bounty Playlist - Collection of Ryan John's BugBounty videos ([11h Full Course Video](https://www.youtube.com/watch?v=TTw-EY7F1rM))
• LiveOverFlow Bug Bounty Playlist - Collection of LiveOverflow's Bug bounty videos
• BBRE Podcast - Bug Bounty Reports Explained Podcast
• Critical Thinking Podcast - Critical Thinking Bug Bounty Podcast

🗝 Privilege Escalation

• Browser's-XSS-Filter-Bypass-Cheat-Sheet - Excellent List of working XSS bypasses running on the latest version of Chrome / Safari, IE 11 / Edge created by Masato Kinugawa
• Web Pentest Checklist - Checklist for Web Application Penetration Tests
• OWASP VWAD - Registry of all known vulnerable web applications currently available.
• Google CSP Evaluator - evaluator/fjohamlofnakbnbfjkohkbdigoodcejf))
• SQL Injection Cheatsheet - PortSwigger SQL Injection Cheat Sheet
• Cross-Site-Scripting Cheat sheet - Site-Scripting (XSS) Cheat sheet
• Awesome Web Security - Collection of resources for Web Pentesting #2
• XSS Polyglot Payloads #1 - Unleashing an Ultimate XSS Polyglot list by 0xsobky
• PortSwigger Web Penetration Testing Labs

Android

• Android Pentest Checklist Xmind - Xmind mindmap for Android Penetration Tests.
• MASTG - OWASP Mobile Application Security Testing Guide [[PDF]](https://github.com/OWASP/owasp-mastg/releases/download/v1.4.0/OWASP_MSTG-v1.4.0.pdf).
• Android Pentesting Checklist - Case-by-case Checklist for Android Pentests.
• Android Pentesting Cheat sheet - Android Pentesting Resources #1.
• InjuredAndroid
• Damn vulnerable Bank
• InsecureShop
• AndroGoat
• Android-Insecurebankv2
• OVAA
• DIVA

Apple

• Hacktricks iOS Checklist - Another Checklist for iOS/IPA Penetration Tests | Hacktricks Cloud.
• PentestGlobal IOS gitbook - Gitbook about iOS Pentesting.
• Can i jailbreak? - List of each jailbreak needed for each iOS version.
• Jailbreaks.app - Downloads for Odyssey, Taurine Jailbreaks.
• iOS Pentest Checklist - Checklist for iOS/IPA Penetration Tests.

• Mobile App Pentest Cheat Sheet - Collection of resources on Apple & iOS Penetration Testing.

Kubernetes

• Part 2
• Part 3
• Awesome Kubernetes (K8s) Security - Collection of Kubernetes security resources.
• Kubetools - Kubernetes security tools.
• HackingKubernetes - Collection of Kubernetes Pentesting Resources.
• Kubernetes Goat - Vulnerable-by-Design cluster environment for training.
• KubePwn - Another Collection of resources about Kubernetes security.

Azure

• Awesome Azure Pentest - A curated list of useful tools and resources for penetration testing and securing Microsofts cloud platform Azure.

Kubernetes

• Part 1

Azure

• HackTricks - Azure Pentesting - HackTricks Collection of Kubernetes Pentesting

Azure

• OSCP Active Directory Cheat Sheet - Cheat sheet for Active Directory Attacks used in OSCP.
• WADComs - Interactive cheat sheet - list of offensive security tools and their respective commands to be used against Windows/AD environments.
• Ultimate BloodHound Guide - The Ultimate Guide for BloodHound Community Edition (BHCE).
• Active Directory Exploitation Cheat Sheet - Cheat sheet for Active Directory Exploitation.
• GOAD - Vulnerable-by-Design Active Directory environment.
• Windows Red Team Cheat sheet - Windows for Red Teamers Cheat Sheet ([Moved to wiki](https://notes.morph3.blog/)).
• Resource Collection #1 - Collection of Active Directory Pentesting resources #1.
• Resource Collection #2 - Collection of Active Directory Pentesting resources #2.
• Resource Collection #3 - Collection of Active Directory Pentesting resources #3.
• Resource Collection #4 - Collection of Active Directory Pentesting resources #4.

🗝 Privilege Escalation

• Binary Exploitation Red Team Notes - ired.team notes for Binary Exploitation
• Binary Exploitation Notes - Ir0nstone's Binary Exploitation Notes
• Sticky Notes Binary Exploitation - Sticky Notes colletion for Binary Exploitation
• PwnTools Cheat sheet - Cheat sheet for PwnTools python library
• pwndbg Cheat sheet - Cheat sheet for pwndbg GDB plug-in
• GDB PEDA Cheat sheet - Cheat sheet for PEDA GDB plug-in