
In the world of cybersecurity, every pentester should have reliable tools and proven attack and defense techniques at hand. We have prepared a detailed selection of useful penetration testing cheat sheets that cover the main areas of pentesting: Active Directory, Linux, Windows, AWS and Azure cloud platforms, network hacking, privilege escalation, and persistence.
AWS Cloud Infrastructure Penetration Testing Guide. Describes specific techniques, settings, and vulnerability detection in cloud service configurations.
Network Resource Discovery Guide. Describes tools and techniques for scanning a network to identify active hosts and services.
Describes methods for ensuring persistence on Linux systems after compromise. Includes recommendations for configuring autoruns and using cron jobs.
Metasploit Framework Reference Guide. Contains commands, examples of module usage, and recommendations for effective penetration testing.
A guide to setting up and using reverse shells, which allow remote access to compromised systems using various techniques and protocols.
A guide to using Mimikatz, a powerful tool for extracting credentials from Windows memory. Describes basic commands and usage scenarios.
Cobalt Strike Reference Guide. Contains a list of commands, scripts, and tips for using this tool for attack modeling and threat simulation.
A general pentesting methodology that includes the stages of enumerating, scanning, and analyzing the network infrastructure to identify potential attack vectors.
The document contains privilege escalation techniques on Linux systems. It describes how to identify vulnerabilities and exploit them to gain root access.
Dedicated to security testing of Microsoft Azure services. It covers methods for detecting vulnerabilities, analyzing security settings, and exploiting vulnerabilities in the cloud environment.
The document contains techniques for attacking Active Directory, including exploiting vulnerabilities, escalating privileges, and bypassing defense mechanisms in the AD environment.
A document describing techniques for searching and enumerating subdomains. Helps expand the attack surface by identifying additional targets within the domain zone.
Describes how to use the Koadic tool to conduct post-exploitation attacks. Includes recommendations for gaining additional privileges and gathering information after the initial compromise.
The document describes methods for pivoting between network segments after one segment has been compromised. Helps expand access to internal infrastructure.
Instructions for using stolen credentials to expand network access. Describes methods for further movement in the system using recovered passwords and tokens.
Describes techniques for downloading and executing files on Windows systems. Discusses ways to bypass system restrictions and use scripts to gain control over the system.
This document describes privilege escalation techniques in Windows. It discusses ways to bypass security mechanisms to gain administrative access.
This document provides methods for ensuring persistence in Windows systems. It discusses various techniques, including the use of registry keys, task schedulers, and other mechanisms to preserve access.