https://github.com/zishanadthandar/pentest

Pentesting and Bug Bounty Notes, Cheatsheets and Guide for Ethical Hackers, Whitehat Pentesters and CTF Players.

activedirectory cheetsheet cyber-security cybersecurity cybersecurity-tool ethical-hacking hacking hacking-tool infosec penetration-testing penetration-testing-tools pentest pentesting powershell redteam redteaming security web-application-penetration-testing web-application-security whitehat-hacker

# Pentester Guide
A Comprehensive Resource for Pentesters: Tools, Methodologies, Scripts, Certifications, Learning Resources, Labs, Career Opportunities, Entertainment, and Freelancing Tips.

[![Sponsor](https://img.shields.io/github/sponsors/ZishanAdThandar)](https://github.com/sponsors/ZishanAdThandar)
[![ZishanAdThandar's Pentest Repo stars](https://img.shields.io/github/stars/ZishanAdThandar/Pentest)](https://github.com/ZishanAdThandar/pentest)
[![License: GPL v3](https://img.shields.io/github/license/ZishanAdThandar/pentest)](https://www.gnu.org/licenses/gpl-3.0)
[![YouTube](https://img.shields.io/youtube/channel/subscribers/UChgqXa2j7ZKkHX2Y76tSxoA)](https://youtube.com/@hackerstation)
[![LinkTree](https://img.shields.io/badge/Link-Tree-bbd343)](https://zishanadthandar.github.io/linktree/)

![Banner Pentester Guide](./banner.png)

## Contents
- [Important Notes](#important-notes)
- [Certifications](#certifications)
- [Pentesting Practice Platforms](#pentesting-practice-platforms)
- [FOSS Labs](#foss-labs)
- [Bug Bounty Hunting Platforms](#bug-bounty-hunting-platforms)
- [Independent Pentesting Platforms](#independent-pentesting-platforms)
- [0Day Market](#0Day-market)
- [Operating System for Hacking](#best-os-for-hacking)
- [Awesome Links](#awesome-links)
- [Hackers Manuals](#hackers-manuals)
- [Books](#books)
- [About Me](#about-me)
- [Sponsor](#sponsor)

## Important Notes
1. [Tools](./notes/TOOLS.md)
2. [Active Directory](./notes/ActiveDirectory.md)
3. [All about Pentesting](./notes/AllAboutPentesting.md)
4. [Bug Bounty Hunting Methodology](./notes/BugBountyHuntingMethodology.md)
5. [HackiFy Wordlist and Tool Installer Script](https://github.com/ZishanAdThandar/hackify)
6. [Cyber Security / Bug Bounty Hunting Roadmap](./notes/CyberSecurityRoadmap.md)

## Certifications



1. INE eJPT $249
2. AlteredSecurity CRTP $249
3. TCM Security PNPT $499
4. INE eCPPT $599
5. Offensive Security - PEN-200 (OSCP) $1649
6. HTB CPTS With Annual Silver Plan $490
7. Offensive Security - PEN-300 (OSEP) $1649
8. Google Cybersecurity Professional Certificate Almost Free (Less than $20 for one month)
9. Microsoft Certified: Azure Security Engineer Associate (Cloud) $146
10. CompTIA Security+ $500 Exam Voucher
11. CREST CRT $500
12. ISC2 CISSP $750
13. ISC2 CCSP $599
14. SANS SEC560: Enterprise Penetration Testing (GPEN) $2,499
15. SANS SEC660: GIAC Exploit Researcher and Advanced Penetration Tester $2,499

Note: Prices may vary.

## Pentesting Practice Platforms


1. VulnHub (Offsec) Free
2. VulnMachines (BlackHat) Free
3. Web Security Academy (PortSwigger Labs) Free
4. TryHackMe Free + Paid
5. pwnable.kr Free
6. pwnable.tw Free
7. HackTheBox Free + Paid
8. https://sec-dojo.com/en Paid
9. root-me Free
10. PentesterAcademy (Attackdefence) Free + Paid
11. Pentester Lab Free + Paid

## FOSS Labs
1. [Vulhub](https://github.com/vulhub/vulhub)
2. [Metasploitable3 Box](https://github.com/rapid7/metasploitable3)
3. [OWASP Juice Shop (WEB)](https://owasp.org/www-project-juice-shop)
4. [DVWA (WEB)](https://github.com/digininja/DVWA)
5. [WebGoat (WEB)](https://owasp.org/www-project-webgoat)
6. [Kubernetes GOAT](https://github.com/madhuakula/kubernetes-goat)
7. [Wrong Secrets (WEB)](https://owasp.org/www-project-wrongsecrets)
8. [SQLi Lab](https://github.com/Audi-1/sqli-labs)
9. [HackerOne CTF](https://github.com/Hacker0x01/hacker101)
10. [For More Check: Awesome Vulnerable App List](https://github.com/vavkamil/awesome-vulnerable-apps)

## Bug Bounty Hunting Platforms
1. [HackerOne](https://www.hackerone.com/)
2. [Bugcrowd](https://www.bugcrowd.com/bug-bounty-list/)
3. [Intigriti](https://www.intigriti.com/programs)
4. [YesWeHack](https://yeswehack.com/programs)
5. [RedStorm](https://www.redstorm.io/program)
6. [Zerocopter](https://zerocopter.com)
7. [OpenBugBounty](https://www.openbugbounty.org/bugbounty-list)
8. [Immunefi Web3](https://immunefi.com/bug-bounty/)
9. [HackenProof WEB3](https://hackenproof.com/)

## Independent Pentesting Platforms
1. [Yogosha](https://app.yogosha.com)
2. [Synack](https://www.synack.com)
3. [Cobalt](https://cobalt.io)

## 0Day Market
1. [CrowdFense](https://www.crowdfense.com/exploit-acquisition-program/)
2. [Zerodium (0day Bounty)](https://zerodium.com/program.html)

## Best OS for Hacking
1. [BackBox](https://linux.backbox.org/download/)
2. [ParrotSec Security Edition](https://parrotsec.org/download/)
3. [Kali Linux (OFFSEC)](https://www.kali.org/get-kali/#kali-platforms)
4. [BlackArch](https://blackarch.org/downloads.html)

## Awesome Links
1. [The Book of Secret Knowledge](https://github.com/trimstray/the-book-of-secret-knowledge)
2. [Sirensecurity.io Windows Privilege Escalation Resources](https://sirensecurity.io/blog/windows-privilege-escalation-resources/)
3. [Awesome Link List by Sindre Sorhus](https://github.com/sindresorhus/awesome?tab=readme-ov-file#security)
4. [cheatography.com cheatsheets](https://cheatography.com)

## Hackers Manuals
1. [HackTricks](https://book.hacktricks.xyz)
2. [HackingArticles.in](https://www.hackingarticles.in)
3. [InternalAllTheThings by swisskyrepo](https://swisskyrepo.github.io/InternalAllTheThings)
4. [eloypgz.org Active Directory](https://web.archive.org/web/20231207200447/https://zer1t0.gitlab.io/posts/attacking_ad/)
5. [ExplainShell (Command Manual)](https://explainshell.com)
6. [Reverse Shell making Tool](https://www.revshells.com)
7. [Hashcat Example Hashes](https://hashcat.net/wiki/doku.php?id=example_hashes)
8. [GTFOBins Privilege Escalation Cheatsheet](https://gtfobins.github.io)
9. [LOLBAS Binaries, Scripts and Libraries Exploit](https://lolbas-project.github.io)
10. [loldrivers Drivers Exploits](https://www.loldrivers.io/)
11. [WADComs Windows AD Cheatsheet](https://wadcoms.github.io)
12. [Exploit List haxx.it](https://sploitify.haxx.it/)

## Books
1. [The Web Application Hacker's Handbook](https://github.com/0x000NULL/CSSR/blob/master/DOWNLOADED/OSCPRepo-master/PDFs%26Documents/Recommended%20Books/The%20Web%20Application%20Hackers%20Handbook%202nd%20Edition.pdf)
2. [Web Hacking Arsenal](https://www.linkedin.com/posts/rafaybaloch_web-hacking-arsenal-a-practical-guide-to-activity-7229121194522759168-QUsw/)
3. [Brute XSS Payload Collection By Rodolfo Assis](https://leanpub.com/brutexss)
4. [THERCEMAN Bug Bounty CheatSheet Book](https://therceman.gumroad.com/l/book)

## About Me

| Platform | Link |
|-----------|-------|
| LinkedIn | [LinkedIn.com/in/ZishanAdThandar](https://www.linkedin.com/in/ZishanAdThandar) |
| YouTube | [YouTube.com/ZishanAdThandar](https://youtube.com/ZishanAdThandar) |
| LinkTree | [ZishanAdThandar.github.io/linktree](https://ZishanAdThandar.github.io/linktree) |
| Twitter | [twitter.com/ZishanAdThandar](https://x.com/ZishanAdThandar) |
| Telegram | [ZishanAdThandar.t.me](https://ZishanAdThandar.t.me) |
| GitHub | [GitHub.com/ZishanAdThandar](https://github.com/ZishanAdThandar) |
| Portfolio | [ZishanAdThandar.github.io](https://ZishanAdThandar.github.io) |
| Resume | [ZishanAdThandar.github.io/CV.pdf](https://ZishanAdThandar.github.io/CV.pdf) |

## Sponsor
1. [https://github.com/sponsors/ZishanAdThandar](https://github.com/sponsors/ZishanAdThandar)
2. [https://ZishanAdThandar.github.io/sponsor/](https://ZishanAdThandar.github.io/sponsor/)