Cheatography
https://cheatography.com
Penetration Testing Cheat Sheet
This is a draft cheat sheet. It is a work in progress and is not finished yet.
Setting Up
Using apt |
apt <COMMAND> <PACKAGE> |
Firefox Extensions |
Wappalyzer, Foxyproxy, HacKontent, Vulners |
Note-Taking |
Obsidian, Pwndocs |
Pwndocs This is a professional Penetration Testing report generator available Here
System Updates You can add custom commands to your ~/.bashrc
file to run things like system updates without having to type the whole apt command
echo "alias sysupdate='sudo apt-get update -y && sudo apt-get upgrade -y'” >> ~/. bashrc
To run this command, start a new terminal and type sysupdate
|
Information Gathering
nslookup |
Query All |
nslookup -query=all <URL> |
Name Server |
nslookup -type=ns <URL> |
|
|
Nmap |
Check Open Ports |
nmap -n -Pn -vvv <IP> |
Scan w/Common Scripts |
nmap -sSCV -Pn -A -vvv -p=<PORTS> <IP> --min-rate=5000 |
Output Scan to Files |
<nmap command> -oA filename |
Change XML to HTML |
xlstproc filename.xml -o filename.html |
Whois |
whois <URL> |
Dnsenum |
dnsenum <URL> |
Cyberchef |
|
Replace <>
with the respective info.
|
|
Exploitation
Metasploit |
metasploit -q |
Update |
metasploit update |
Documentation |
|
Multihandler |
|
Searchsploit |
Vulnerability Search |
searchsploit <APPLICATION> |
download module |
searchsploit -m <MODULE NUM> |
Reverse Shell Generator |
|
Netcat |
Reverse Shell (Connect) |
nc -lvnp <PORT> |
Bind Shell (Connect) |
nc <IP> <PORT> |
rlwrap |
rlwrap nc <..>
- Gives you more control |
Pwncat - Python Netcat C2 |
|
|
|
Bruteforce Attacks
Hashcat |
|
Find encoding/encryption in help |
hashcat -h | grep <ENC> |
JohnTheRipper |
|
Crackstation - Rainbow Table |
|
CrackMapExec |
|
WPScan |
|
|
|
Wi-Fi Cracking
Airmon-ng - Monitor |
Start listener on interface |
airmon-ng start wlan0 |
Airodump-ng - Dump |
Select Interface |
airodump-ng wlan0 |
Dump Hashes |
airodump-ng -w <WORDLIST> -c 1 --bssid <MAC> wlan0 |
| |
airodump-ng -w Attack1 -c 1 --bssid E6:6F:14:31:63:1C wlan0 |
Aircrack-ng - Crack |
Crack Captured MAC |
aircrack-ng -a2 -b <MAC> -w <WORDLIST> </path/to/capture> |
| |
aircrack-ng -a2 -b E6:6F:14:31:63:1C -w /root/Desktop/wordlist.txt /root/Desktop/Attack1-01.cap |
Documentation |
|
|
