Cheat Sheets
Direct links to different PentestWiki sections with cheat sheets for easy access:
INFRASTRUCTURE PENETRATION TESTING
The most important foundation in Penetration Testing and Read Team Operations based on standards such as PTES, CEH, OSSTMM among others
● PHASE I: Reconnaissance
● PHASE II: Scanning
● PHASE III: Enumeration
● PHASE IV: Exploitation
● PHASE V: Post exploitation
● PHASE VI: Covering Tracks
● PHASE VII: Lateral Movement
WEB APPLICATION PENETRATION TESTING
Learn how to perform Web Application Penetration Testing to test websites, APIs, SQL injections, SSL/TLS attacks and OWASP TOP 10
● Intro to web application testing
● Types of Web Application Attacks
● Attacks on SSL/TLS protocols
MOBILE APPLICATION PENETRATION TESTING
Learn how to hack mobile apps for Android and iOS and protect them against tampering
● Static Analysis for Android and iOS
RED TEAMING
Red teaming tools to test defensive systems and simulate advanced attacks
● Tools and Frameworks for RED TEAMS
Latest from blog
Because Computer Security matters…
How to search Android apps in other countries
Imagine that you are looking for pentest apps in the Google Play Store, that’s the URL you got: https://play.google.com/store/search?q=pentest By default, Google only shows you apps that are available in[…]
Read more
🔝 How to get a xp_cmdshell reverse shell
In a pentesting engagement, if you got the credentials of the MS SQL SERVER you can easily execute any command on the database server with nmap NSE script, ms-sql-xp-cmdshell: You[…]
Read more
Android APK security analyzer
There are several security analyzers for Android apps. Mainly there are two categories, you can analyze a running app directly on the mobile phone or an emulator, this is called[…]
Read more
