Useful penetration testing tools Cheat Sheet
Highon.Coffee has published a useful high-level overview of the typical commands you would run when performing a penetration test.
Here is the table of contents:
Recon and Enumeration
- NMAP Commands
SMB enumeration
- Other Host Discovery
- SMB Enumeration
Python Local Web Server
Mounting File Shares
Basic Finger Printing
SNMP Enumeration
DNS Zone Transfers
DNSRecon
HTTP / HTTPS Webserver Enumeration
Packet Inspection
Username Enumeration
- SMB User Enumeration
- SNMP User Enumeration
Passwords
- Wordlists
Brute Forcing Services
- Hydra FTP Brute Force
- Hydra POP3 Brute Force
- Hydra SMTP Brute Force
Password Cracking
- John The Ripper — JTR
Exploit Research
Windows Penetration Testing Commands
Linux Penetration Testing Commands
Compiling Exploits
- Identifying if C code is for Windows or Linux
- Build Exploit GCC
- GCC Compile 32Bit Exploit on 64Bit Kali
- Compile Windows .exe on Linux
SUID Binary
- SUID C Shell for /bin/bash
- SUID C Shell for /bin/sh
- Building the SUID Shell binary
Reverse Shells
TTY Shells
- Python TTY Shell Trick
- Spawn Interactive sh shell
- Spawn Perl TTY Shell
- Spawn Ruby TTY Shell
- Spawn Lua TTY Shell
- Spawn TTY Shell from Vi
- Spawn TTY Shell NMAP
Metasploit
- Meterpreter Payloads
- Windows reverse meterpreter payload
- Windows VNC Meterpreter payload
- Linux Reverse Meterpreter payload
Meterpreter Cheat Sheet
Common Metasploit Modules
- Remote Windows Metasploit Modules (exploits)
- Local Windows Metasploit Modules (exploits)
- Auxiliary Metasploit Modules
- Metasploit PowerShell Modules
- Post Exploit Windows Metasploit Modules
Networking
- TTL Fingerprinting
IPv4
- Classful IP Ranges
- IPv4 Private Address Ranges
- IPv4 Subnet Cheat Sheet
ASCII Table Cheat Sheet
CISCO IOS Commands
Cryptography
- Hash Lengths
- Hash Examples
SQLMap Examples
Read the whole article at: