Cheat Sheets
Direct links to different PentestWiki sections with cheat sheets for easy access:
MsfvenomMeterpreterPrivilege EscalationPivotingDirectory TraversalEnumerationINFRASTRUCTURE PENETRATION TESTING
The most important foundation in Penetration Testing and Read Team Operations based on standards such as PTES, CEH, OSSTMM among others
● PHASE I: Reconnaissance
● PHASE II: Scanning
● PHASE III: Enumeration
● PHASE IV: Exploitation
● PHASE V: Post exploitation
● PHASE VI: Covering Tracks
● PHASE VII: Lateral Movement
WEB APPLICATION PENETRATION TESTING
Learn how to perform Web Application Penetration Testing to test websites, APIs, SQL injections, SSL/TLS attacks and OWASP TOP 10
● Intro to web application testing
● Types of Web Application Attacks
● Attacks on SSL/TLS protocols
MOBILE APPLICATION PENETRATION TESTING
Learn how to hack mobile apps for Android and iOS and protect them against tampering
● Static Analysis for Android and iOS
RED TEAMING
Red teaming tools to test defensive systems and simulate advanced attacks
● Tools and Frameworks for RED TEAMS
BLOCKCHAIN SECURITY
Learn Blockchain attacks and smart contracts vulnerabilities.
● Blockchain Security Attacks Review
Latest from blog
Because Computer Security matters…
How to hijack Android OS calls with Frida
LEVEL: ADVANCED When we are performing a pentest on an Android app, sometimes is useful to get the parameters that the application is sending through a function or even hijack[…]
Read moreWeb3 Security Cheat Sheet
Solidity Attacks var misusetx.origin vs. msg.sendersend() vs. transfer()DOS in for/while if user can control mapping lengthvariables scope in inheritance: public vs. internalunfiltered variablesinteger overflowsselfdestructInheritance methods overrideproxy constructors hijacking: initialize() or init()DELEGATECALL transferOwnership() exploitationfallback function() {} DeFi Attacks Amount encoding: 0xFFF, 1e-100change source address[…]
Read moreHow to reverse engineer any Android game using Unity
LEVEL: ADVANCED Download https://github.com/Perfare/Il2CppDumper (Unity il2cpp reverse engineer) Now open package_re\DummyDll\Assembly-CSharp.dll with DnSpy. Also you can use the following Frida wrapper to save time: https://github.com/vfsfitvnm/frida-il2cpp-bridge How useful was this post? Click on a star to rate[…]
Read more