CheatSheets

CURL DNS File Transfer Hydra Impacket JohnTheRipper NCAT NMAP Online Resources Reverse Shell Wordlists

Active Directory

Mindmap Attacking AD Linux AD

Cloud

AWS Azure Google Terraform

Container

Docker Kubernetes

Linux

Penetration Testing Checklist Enumeration Privilege Escalation Post Exploitation Services Tools

Network

Data Exfiltration Port Scanning Reconnaissance Pivoting Services Traffic Analysis

Tech Stack

CMS Databases DevOps Enterprise Apps IAM Monitoring Open-Source Utilities Web Servers

Windows

AV/EDR Evasion Enumeration Privilege Escalation Post Exploitation

Web Application

Reconnaissance Common Vulnerabilities Authentication Bypass API Testing

Linux Enumeration

System Information Gathering

Essential commands for initial system enumeration:

# Basic System Info
uname -a
cat /etc/issue
cat /etc/*-release
hostnamectl
lscpu

# User Information
whoami
id
who
w
last

# Network Configuration
ip a
netstat -tulpn
ss -tulpn
iptables -L

Additional System Information Gathering

# Additional system details
cat /proc/version
lsb_release -a
dmesg | grep -i linux

Additional Network Configuration

# ARP table and routing
ip neighbor
route -n
cat /etc/resolv.conf

# External port scanning
nmap -sT -p- <target>
masscan -p0-65535 <target>

Automated Enumeration Tools

• LinPEAS

  #One line start
  curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh
  

• LinEnum
• pspy64