# Pentest Links ## Pentest Docs, Authorization Template, Get Out of Jail Letter * * * ## **PenTest Cheat Sheets** * [PentestingCheatsheet](https://anhtai.me/pentesting-cheatsheet/) * [KaliCheatsheet-HSploit](https://hsploit.com/kali-linux-ultimate-cheat-sheet/) * [PentestingTools-HighOnCoffee](https://highon.coffee/blog/penetration-testing-tools-cheat-sheet) * [PenTest Methodology-hacktricks ](https://book.hacktricks.xyz/pentesting-methodology)\*\*\* * [Zero to OSCP in 292 Days](https://blog.mallardlabs.com/zero-to-oscp-in-292-days-or-how-i-accidentally-the-whole-thing-part-2/) * \*\*\*\*[**areyou1or0-OSCP-CommandsForOSCP**](https://github.com/areyou1or0/OSCP) **\*\*\*** * [MiesslerSecLists-Docs,PrivescsPpwlist](https://github.com/danielmiessler/SecLists) * [PayloadAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) .. "All the Tools you could ever want" * [MetasploitCheatSheet-SANS](https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf) * [Big-List-of-Naughty-Strings](https://github.com/minimaxir/big-list-of-naughty-strings) * [Restricted-Linux-Shell-Escaping-Techniques](https://fireshellsecurity.team/restricted-linux-shell-escaping-techniques/) * [PassingTheOSCP](https://medium.com/@Tib3rius/59-hosts-to-glory-passing-the-oscp-acf0fd384371) * \*\*\*\*[**HttpStaticServer-OneLiners**](https://gist.github.com/willurd/5720255)\*\*\*\* * \*\*\*\*[google-nmap-robots-lfi-rce](https://www.google.com/search?ei=gJM2YISlIqyk5NoP5uCv0Aw\&q=path+nmap+dirb+robots+lfi+config+default+version+exploit-db+searchsploit\&oq=path+nmap+dirb+robots+lfi+config+default+version+exploit-db+searchsploit\&gs_lcp=Cgdnd3Mtd2l6EANQ0D1YjkFgjkRoAHACeACAAfsBiAGGBpIBBTAuNC4xmAEAoAEBqgEHZ3dzLXdpesABAQ\&sclient=gws-wiz\&ved=0ahUKEwiE5dGhjIPvAhUsElkFHWbwC8oQ4dUDCA0\&uact=5) ..need more research * ### PrivEsc * \*\*\*\*[**gtfobins.github.io** ](https://gtfobins.github.io)**\*\*\*** * \*\*\*\*[**lolbas-project.github.io**](https://lolbas-project.github.io/) - for windows * [PentestMonkey.net\_ReverseShells](http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet) * [PrivEsc1N3](https://github.com/1N3/PrivEsc) ..PrivEsc Win/Linux/Mac ### Exploits/CVE * [Mitre CVE Search](https://cve.mitre.org/cve/search_cve_list.html) * [Github CVE-Search](https://github.com/cve-search/cve-search) * [OffensiveSecurity-BinSploits ](https://github.com/offensive-security/exploitdb-bin-sploits/tree/master/bin-sploits)..this is blowing my mind here!! ### Move Files * [Files from Kali to Windows (Easy: SMB, FTP, TFTP)](https://blog.ropnop.com/transferring-files-from-kali-to-windows) ### Buffer Overflows * * CyberMentor: * CyberMentor Guide: * * [https://github.com/justinsteven/dostackbufferoverflowgood/](https://github.com/justinsteven/dostackbufferoverflowgood/blob/master/dostackbufferoverflowgood_tutorial.md) * gh0x0st Method: ### Python * Google's Python Class: * Python First Steps * Python for Everybody * Violent Python3: * Black Hat Python3: * Ethical Hacking: * Network-Cookbook * Offensive Pentest * Python for Pentesters: (with paid subscription) * WebDevPro: * NSA Training: * The Coder's Apprentice ### Hacking Challenges * [overthewire.com](http://overthewire.com) * [HackingChallengeList(blackroomsec)](http://www.blackroomsec.com/updated-hacking-challenge-site-links/) * [PracticeLabs(mindmap)](https://amanhardikar.com/mindmaps/Practice.html) * [CTF Resources(github)](https://github.com/pwneip/ctf-resources) * [CTF Notes (nopresearcher)](https://github.com/nopresearcher/ctf_notes) * [CTF Resources(r00k)](https://gitlab.com/r00k/ctf-resources/) ## OSCP Study Guides: * [OWASP Juice Shop](https://owasp.org/www-project-juice-shop/) * [Useful Oscp Notes and Commands](https://falconspy.medium.com/useful-oscp-notes-commands-d71b5eda7b02) * [johnjhacking prep guide](https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/) * [PenTest Methodology hacktricks](https://book.hacktricks.xyz/pentesting-methodology) * [Zero to OSCP in 292 Days](https://blog.mallardlabs.com/zero-to-oscp-in-292-days-or-how-i-accidentally-the-whole-thing-part-2/) * [Falconspy OSCP Approved Tools](https://falconspy.medium.com/unofficial-oscp-approved-tools-b2b4e889e707) * [OSCP-Human-Guide](https://github.com/six2dez/OSCP-Human-Guide/blob/master/oscp_human_guide.md) ..tons of stuff, including wp-scan options * [OSCP-Commands](https://saleem144.gitbooks.io/oscp-saleem/oscp-commands.html) * [OSCP-Enum-StrongCourage](http://strongcourage.github.io/2020/05/03/enum.html) * * * --Great!! * ## Best HTB Walkthroughs * ..David Martinez * [https://ranakhalil101.medium.com/](https://ranakhalil101.medium.com/hack-the-box-tartarsauce-writeup-w-o-metasploit-e73393d4a0cd) ..Rana Khalil * --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://pentest.mxhx.org/pentest-links.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.