Free, comprehensive cheat sheets for penetration testing and security research. Quick reference guides for common attack techniques and tools.
Complete guide to SQL injection attacks including MySQL, PostgreSQL, MSSQL, and Oracle. Covers authentication bypass, union-based, blind, and time-based techniques.
Cross-Site Scripting (XSS) payload collection with filter bypasses, encoding techniques, and modern XSS vectors for DOM, Reflected, and Stored XSS.
Comprehensive guide to escalating privileges on Linux systems. Covers SUID binaries, kernel exploits, cron jobs, and misconfigurations.
Windows privilege escalation techniques including token manipulation, service exploits, registry keys, and UAC bypasses.
Collection of reverse shell one-liners for Bash, Python, PHP, Perl, Ruby, Netcat, and more. Includes obfuscation techniques.
Guide to password cracking with Hashcat, John the Ripper, and Hydra. Includes hash identification and wordlist strategies.
Active Directory penetration testing techniques including Kerberoasting, AS-REP Roasting, DCSync, and Golden Ticket attacks.
Complete fuzzing guide with ffuf, wfuzz, and Burp Intruder. Includes wordlists, parameter discovery, and subdomain enumeration.
Nmap scanning techniques from basic to advanced. Port scanning, OS detection, service enumeration, and NSE scripts.
Explore our security tools arsenal, CVE database, and hands-on writeups for comprehensive learning.