InfoSec Cheatsheets
Enumeration
File Inclusion/traversal attacks
Full Interactive tty shell
Limited Shells
Nmap scans
- https://medium.com/@infosecsanyam/nmap-cheat-sheet-nmap-scanning-types-scanning-commands-nse-scripts-868a7bd7f692
- https://hackertarget.com/nmap-tutorial/
Privilege escalation
-
Linux Privilege Escalation
- https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
- https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
- https://dl.packetstormsecurity.net/papers/attack/exploiting_capabilities_the_dark_side.pdf
- https://nxnjz.net/2018/08/an-interesting-privilege-escalation-vector-getcap/
- https://payatu.com/guide-linux-privilege-escalation/
- https://securism.wordpress.com/oscp-notes-privilege-escalation-linux/
- https://www.hackingarticles.in/linux-privilege-escalation-via-automated-script/
-
Windows Privilege Escalation
- http://www.fuzzysecurity.com/tutorials/16.html
- https://medium.com/@rahmatnurfauzi/windows-privilege-escalation-scripts-techniques-30fa37bd194
- https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
- https://www.joshruppe.com/basic-windows-enumeration/
- https://mysecurityjournal.blogspot.com/p/client-side-attacks.html
Reverse Shells
- https://highon.coffee/blog/reverse-shell-cheat-sheet/
- http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
SQL Injection
- https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
- http://www.securityidiots.com/Web-Pentest/SQL-Injection/
- http://zoczus.blogspot.com/2013/03/sql-injection-without-comma-char.html
- https://github.com/kahla-sec/CTF-Writeups/tree/master/Securinets%20Prequals%202k20/The%20after-Prequal
- https://www.perspectiverisk.com/mysql-sql-injection-practical-cheat-sheet/
- https://blog.redforce.io/sql-injection-in-insert-update-query-without-comma/
- https://github.com/kratel/ctf_writeups/tree/master/securinets_2k20_prequals/web/the_after_prequal