Awesome Pentest Cheat Sheets

Collection of the cheat sheets useful for pentesting
Alternatives To Awesome Pentest Cheat Sheets
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
4 days ago34otherPython
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Active Directory Exploitation Cheat Sheet3,972
18 days ago4mit
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Awesome Pentest Cheat Sheets3,106
4 months ago
Collection of the cheat sheets useful for pentesting
Awesome Game Security1,789
a day ago1mitPython
awesome game security [Welcome to PR]
Security Cheatsheets901
a year ago5mit
🔒 A collection of cheatsheets for various infosec tools and topics.
Anti Ddos762
a year ago3mitShell
🔒 Anti DDOS | Bash Script Project 🔒
Active Directory Exploitation Cheat Sheet659
3 years agomitPowerShell
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Getting Into Infosec And Cybersecurity462
6 months ago1
A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.
Cyber Sec Resources277
2 years ago2Python
An organized list of resources including tools, blog-posts and how-to tutorials compiled and created by SCSP community members.
Oscp Cheat Sheet217
2 years ago
This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Alternatives To Awesome Pentest Cheat Sheets
Select To Compare

Alternative Project Comparisons

Awesome Pentest Cheat Sheets Awesome

Collection of cheat sheets useful for pentesting


Your contributions and suggestions are heartily welcome. Please check the Contributing Guidelines for more details.

Security Talks and Videos



  • Google Dorks - Google Dorks Hacking Database (Exploit-DB)
  • Shodan - Shodan is a search engine for finding specific devices, and device types, that exist online
  • ZoomEye - Zoomeye is a Cyberspace Search Engine recording information of devices, websites, services and components etc.
  • Amass - OWASP Network mapping of attack surfaces and external asset discovery using open source information


  • enum4linux-ng - Python tool for enumerating information from Windows/Samba systems


Privilege Escalation

Learn Privilege Escalation

Linux Privilege Escalation

  • Basic Linux Privilege Escalation - Linux Privilege Escalation by @g0tmi1k
  • - Linux privilege escalation auditing tool written in bash (updated)
  • - Linux Exploit Suggester written in Perl (last update 3 years ago)
  • v2 - Next-generation exploit suggester based on Linux_Exploit_Suggester (updated)
  • Linux Soft Exploit Suggester - linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities
  • - bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source)
  • - This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits (@SecuritySift)
  • LinEnum - This tool is great at running through a heap of things you should check on a Linux system in the post exploit process. This include file permissions, cron jobs if visible, weak credentials etc.(@Rebootuser)
  • linPEAS - LinPEAS - Linux Privilege Escalation Awesome Script. Check the Local Linux Privilege Escalation checklist from
  • MimiPenguin - A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz.

Windows Privilege Escalation

  • PowerUp - Excellent powershell script for checking of common Windows privilege escalation vectors. Written by harmj0y (direct link)
  • PowerUp Cheat Sheet
  • Windows Exploit Suggester - Tool for detection of missing security patches on the windows operating system and mapping with the public available exploits
  • Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities
  • Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
  • Precompiled Windows Exploits - Collection of precompiled Windows exploits
  • Metasploit Modules
    • post/multi/recon/local_exploit_suggester - suggests local meterpreter exploits that can be used
    • post/windows/gather/enum_patches - helps to identify any missing patches


Tools Online



  • Fuzzdb - Dictionary of attack patterns and primitives for black-box application testing Polyglot Challenge with submitted solutions
  • SecList - A collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more



Learning Platforms



Wireless Hacking


  • wifite2 - Full automated WiFi security testing script

Defence Topics


Popular Cheat Projects
Popular Security Projects
Popular Games Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Penetration Testing
Privilege Escalation