https://github.com/nixawk/pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
https://github.com/nixawk/pentest-wiki

hacking pentest security

Last synced: 6 months ago
JSON representation

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

• Host: GitHub
• URL: https://github.com/nixawk/pentest-wiki
• Owner: nixawk
• License: mit
• Created: 2014-11-23T14:17:31.000Z (almost 11 years ago)
• Default Branch: master
• Last Pushed: 2023-09-13T13:51:04.000Z (about 2 years ago)
• Last Synced: 2024-10-29T17:39:49.230Z (about 1 year ago)
• Topics: hacking, pentest, security
• Language: Python
• Homepage:
• Size: 30 MB
• Stars: 3,458
• Watchers: 222
• Forks: 917
• Open Issues: 18
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• security-study-tutorial - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers
• Hacking-Awesome - - A free online security knowledge library for pentesters / researchers (Uncategorized / Uncategorized)
• Awesome-Hacking - Pentest Wiki
• awesome-hacking-lists - nixawk/pentest-wiki - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others. (Python)
• fucking-Awesome-Hacking - Pentest Wiki
• awesome-security-collection - **1956**星 - WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others. (<a id="8c5a692b5d26527ef346687e047c5c21"></a>收集)
• awesome-hacking - Pentest Wiki
• awesome-hacking - Pentest Wiki

README

          
**Authors**: < [nixawk](https://github.com/nixawk) >, < [m1guelpf](https://github.com/m1guelpf) >, < [binarymist](https://github.com/binarymist) >

----

[![pentest-wiki](https://img.shields.io/badge/PENTEST-WIKI-black.svg)](https://github.com/nixawk/pentest-wiki) is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

## Contents

- [![](https://img.shields.io/badge/Information%20Security%20Conferences-Index-blue.svg)](./Information-Security-Conferences)

- [![](https://img.shields.io/badge/Information%20Gathering-Index-blue.svg)](./1.Information-Gathering)  

  - Network Analysis

    - IP

    - [Whois](1.Information-Gathering/How-to-gather-Whois-Information-Gathering.md)

    - [DNS](./1.Information-Gathering/How-to-gather-dns-information.md)

    - Identify Live Hosts

    - IDS/IPS Identification

  - Web Application

    - Web Application Fingerprint

    - CMS Identification

    - Open Source Analysis

    - IDS/IPS Identification

  - OSINT

    - GHDB

    - People

    - Pictures

    - Media

    - Company

    - Document

- [![](https://img.shields.io/badge/Vulnerability%20Assessment-Index-blue.svg)](./2.Vulnerability-Assessment)  

  - Vulnerability Scanners

  - Network Assessment

  - Web Application Assessment

    - [OWASP CheatSheetSeries](https://github.com/OWASP/CheatSheetSeries/tree/master/cheatsheets)

  - Database Assessment

    - [MongoDB](./2.Vulnerability-Assessment/Database-Assessment/mongodb/mongodb_hacking.md)

    - [MySQL](./2.Vulnerability-Assessment/Database-Assessment/mysql)

    - [Postgresql](./2.Vulnerability-Assessment/Database-Assessment/postgresql/postgresql_hacking.md)

    - [Sqlite](./2.Vulnerability-Assessment/Database-Assessment/sqlite/sqlite_hacking.md)

  - Mobile Assessment

    - [Android](./2.Vulnerability-Assessment/Android-Assessment)

    - [OWASP-MASVS](https://github.com/OWASP/owasp-masvs)

    - [OWASP-MSTG](https://github.com/OWASP/owasp-mstg/)

  - OS Assessment

    - [Mac OSX](./2.Vulnerability-Assessment/OS-Assessment/OSX)

- [![](https://img.shields.io/badge/Exploitation%20Tools-Index-blue.svg)](./3.Exploitation-Tools) & [![](https://img.shields.io/badge/Post%20Exploitation-Index-blue.svg)](./4.Post-Exploitation)

  - Network Exploitation

    - [Vulnerable Ports List](./3.Exploitation-Tools/Network-Exploitation/ports_number.md)

    - [Cisco ASA CVE-2016-6366](./4.Post-Exploitation/How-to-hack-Cisco-ASA-with-CVE-2016-6366.md)

  - OS Exploitation

    - Windows

      - [Windows 2008 Active Directory Hacking](./4.Post-Exploitation/Windows_ActiveDirectory/Hacking_Windows_Active_Directory.md)

      - [Windows 2012 Credentials dump](./4.Post-Exploitation/Windows_ActiveDirectory/How-to-dump-windows2012-credentials.md)

      - [Metasploit - run vbs payload in cmd.exe](./4.Post-Exploitation/Windows_ActiveDirectory/Execute_metasploit_vbs_payload_in_cmd_shell.md)

      - [Windows Vssadmin](./4.Post-Exploitation/Windows_ActiveDirectory/How-to-use-vssadmin.md)

  - Web Exploitation

  - Database Exploitation

  - Wireless Exploitation

  - Social Engineering

  - Physical Exploitation

  - Open Source Exploitation

- [![](https://img.shields.io/badge/Privilege%20Escalation-Index-blue.svg)](./5.Privilege-Escalation)

  - Password Attacks

  - Privilege Escalation Media

    - [Windows Privilege Escalation Fundamentals](http://www.fuzzysecurity.com/tutorials/16.html)

    - [Basic Linux Privilege Escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/)

  - Protocol Analysis

  - Spoofing Analysis

- [![](https://img.shields.io/badge/Maintaining%20Access-Index-blue.svg)](./6.Maintaining-Access)

  - OS Backdoors

  - Tunneling

  - Web Backdoors

- [![](https://img.shields.io/badge/Reporting-Index-blue.svg)](./7.Reporting)

  - [Public pentesting reports](https://github.com/juliocesarfort/public-pentesting-reports)

- [![](https://img.shields.io/badge/Books-Index-blue.svg)](./Books)

  - [Penetration Testing Books](./Books/README.md#penetration-testing-books)

  - [Hackers Handbook Series](./Books/README.md#hackers-handbook-series)

  - [Defensive Development](./Books/README.md#defensive-development)

  - [Network Analysis Books](./Books/README.md#network-analysis-books)

  - [Reverse Engineering Books](./Books/README.md#reverse-engineering-books)

  - [Malware Analysis Books](./Books/README.md#malware-analysis-books)

  - [Windows Books](./Books/README.md#windows-books)

  - [Social Engineering Books](./Books/README.md#social-engineering-books)

  - [Lock Picking Books](./Books/README.md#lock-picking-books)

  - [OSINT Books](./Books/README.md#osint-books)

- [![](https://img.shields.io/badge/CTFs-Index-blue.svg)](./CTFS)

  - [Flick](./CTFS/Flick)

  - [Nebula](./CTFS/Nebula)

  - [NullByte-1](./CTFS/NullByte/NullByte-1.md)

- [![](https://img.shields.io/badge/Reverse%20Engineering-Index-blue.svg)](./Reverse-Engineering)

- [![](https://img.shields.io/badge/System%20Services-Index-blue.svg)](./System-Services)

  - [FTP](./System-Services/services/service-ftp.md)

  - [HTTP](https://gist.github.com/willurd/5720255)

## How to contribute

1. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.

2. Fork [the repository](https://github.com/nixawk/pentest-wiki) on GitHub to start making your changes to the **master** branch (or branch off of it).

3. Send a pull request and bug the maintainer until it gets merged and published.

## Links

- [The Penetration Testing Execution Standard](http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines)

- [Penetration Testing Framework 0.59](http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html)

- [How To Become A Hacker](http://www.catb.org/esr/faqs/hacker-howto.html)

- [Github - awesome-pentest](https://github.com/enaqx/awesome-pentest)