This cheatsheet may no longer be comprehensive since the exam was drastically changed in early 2022.
This is the penetration testing cheatsheet I created to get my OSCP certification. It has quick guides and useful commands to enumerate and exploit some low-hanging fruits and common services. I recommend absolute beginners to look at the references to fully understand what's going on here.
Also, I added links to original repositories and/or authors of the utilities I use. I compiled some utilities and put them into the private repo (pentesting-tools). I cannot share them due to legal reasons, so you have to download/compile them yourself.
Github-md-toc-generator is used to generate Tables of Contents.
─────█─▄▀█──█▀▄─█─────
────▐▌──────────▐▌────
────█▌▀▄──▄▄──▄▀▐█────
───▐██──▀▀──▀▀──██▌───
──▄████▄──▐▌──▄████▄──
- Kali Virtual Machine Configuration
- Enumeration and Exploitation of Services
- Buffer Overflow Attack
- Linux Privilege Escalation
- Windows Privilege Escalation
- Utilities
- winPEAS
- linPEAS
- Linux Smart Enumeration
- Linux Exploit Suggester
- mkpsrevshell
- SharpUp
- AccessChk
- PowerView
- Seatbelt
- Rubeus
- Mimikatz
- SharpHound
- Procmon
- creddump7
- Plink
- HotPotato
- RoguePotato
- PrintSpoofer
- JuicyPotato
- incognito
- SharpWeb
- pspy
- mongodb2hashcat
- Probable-Wordlists
- Payloadbox
- PayloadAllTheThings