Tool Cheatsheets
Quick reference guides for essential penetration testing tools. Copy-paste ready commands for scanning, enumeration, exploitation, and post-exploitation.
Quick Tips
- Click copy button on any code block
- Replace TARGET, DOMAIN, USER, PASS placeholders
- Always have written authorization first
- Press Ctrl+K to search all cheatsheets
Available Cheatsheets
Nmap
Port scanning, service detection, vulnerability scripts, and host discovery.
Wireshark
Packet capture, display filters, protocol analysis, and tshark CLI commands.
Burp Suite
Web proxy interception, scanning, intruder attacks, and extensions.
SQLMap
SQL injection detection, database enumeration, and data extraction.
Metasploit
Exploitation framework, payload generation, and post-exploitation modules.
Impacket
Windows protocol tools - SMB, Kerberos, secretsdump, psexec, and more.
BloodHound
Active Directory attack path mapping and relationship analysis.
ffuf & Gobuster
Directory brute-forcing, virtual host discovery, and parameter fuzzing.
PowerShell
PowerShell commands for enumeration, exploitation, and post-exploitation.
CrackMapExec
Network pentesting swiss army knife for SMB, WinRM, LDAP, and more.
Flipper Zero
Sub-GHz, RFID/NFC, IR, BadUSB payloads, and hardware hacking reference.
Authentication
Authentication bypass techniques, password attacks, and session management.
Encryption
Encryption algorithms, hash cracking, and cryptographic weaknesses.
Evilginx & MFA Bypass
Reverse proxy phishing, session hijacking, and MFA bypass techniques.
Active Directory
Domain enumeration, Kerberos attacks, DCSync, Golden/Silver tickets.
Windows PrivEsc
Service exploits, token impersonation, credential harvesting, potato attacks.
β οΈ Legal Disclaimer
Always have written authorization before running penetration testing commands. These cheatsheets are for educational and authorized testing purposes only.