🔴 Hacking Cheatsheets

    ██╗  ██╗ █████╗  ██████╗██╗  ██╗██╗███╗   ██╗ ██████╗ 
    ██║  ██║██╔══██╗██╔════╝██║ ██╔╝██║████╗  ██║██╔════╝ 
    ███████║███████║██║     █████╔╝ ██║██╔██╗ ██║██║  ███╗
    ██╔══██║██╔══██║██║     ██╔═██╗ ██║██║╚██╗██║██║   ██║
    ██║  ██║██║  ██║╚██████╗██║  ██╗██║██║ ╚████║╚██████╔╝
    ╚═╝  ╚═╝╚═╝  ╚═╝ ╚═════╝╚═╝  ╚═╝╚═╝╚═╝  ╚═══╝ ╚═════╝ 
     ██████╗██╗  ██╗███████╗ █████╗ ████████╗███████╗██╗  ██╗███████╗███████╗████████╗███████╗
    ██╔════╝██║  ██║██╔════╝██╔══██╗╚══██╔══╝██╔════╝██║  ██║██╔════╝██╔════╝╚══██╔══╝██╔════╝
    ██║     ███████║█████╗  ███████║   ██║   ███████╗███████║█████╗  █████╗     ██║   ███████╗
    ██║     ██╔══██║██╔══╝  ██╔══██║   ██║   ╚════██║██╔══██║██╔══╝  ██╔══╝     ██║   ╚════██║
    ╚██████╗██║  ██║███████╗██║  ██║   ██║   ███████║██║  ██║███████╗███████╗   ██║   ███████║
     ╚═════╝╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚══════╝╚══════╝   ╚═╝   ╚══════╝

📚 A comprehensive collection of penetration testing cheatsheets for security professionals

Cheatsheets • Quick Start • Contributing • License

---

🎯 About

Hacking Cheatsheets is a curated collection of quick reference guides for penetration testing and ethical hacking tools. Each cheatsheet provides:

• ✅ Clear explanations of tool functionality
• ✅ Command syntax with practical examples
• ✅ Real-world scenarios and use cases
• ✅ Quick reference tables for rapid lookup
• ✅ Tips & best practices from experienced pentesters

---

🎯 Attack Methodology (Kill Chain)

NEW! Complete step-by-step guide for penetration testing based on MITRE ATT&CK framework.

Phase	Description	Guide
1. Initial Access	Exploits, phishing, credentials	📄 View
2. Enumeration	System & network discovery	📄 View
3. Privilege Escalation	Get root/SYSTEM access	📄 View
4. Lateral Movement	Move across the network	📄 View
5. Persistence	Maintain access	📄 View
6. Defense Evasion	Bypass AV/EDR/AMSI	📄 View
7. Actions on Objectives	Data exfiltration & impact	📄 View

👉 Full Kill Chain Overview

---

🛡️ Blue Team (Defensive Security)

NEW! Complete defensive security guides for SOC analysts and incident responders.

Topic	Description	Guide
Incident Response	IR lifecycle, containment, procedures	📄 View
Log Analysis	Windows/Linux log analysis & Event IDs	📄 View
SIEM Detection	Splunk/ELK queries & dashboards	📄 View
Threat Hunting	Proactive hunting techniques	📄 View
Hardening	Windows/Linux hardening checklists	📄 View
Sigma Rules	Platform-agnostic detection rules	📄 View
YARA Rules	Malware & IOC detection patterns	📄 View

👉 Full Blue Team Overview

---

☁️ Cloud Security

NEW! Cloud pentesting guides for AWS, Azure, and GCP.

Provider	Description	Guide
AWS	S3, IAM, Lambda, EC2, IMDS	📄 View
Azure	Azure AD, Blob Storage, VMs, Key Vault	📄 View
GCP	GCS, IAM, Compute, Cloud Functions	📄 View

👉 Full Cloud Security Overview

---

📱 Mobile Security

NEW! Mobile app pentesting guides for Android and iOS.

Platform	Description	Guide
Android	APK analysis, Frida, root detection bypass	📄 View
iOS	IPA analysis, jailbreak, Objection, keychain	📄 View

👉 Full Mobile Security Overview

---

🐳 Container Security

NEW! Docker & Kubernetes pentesting guides.

Platform	Description	Guide
Docker	Container escape, image analysis, daemon exploitation	📄 View
Kubernetes	RBAC bypass, pod escape, secrets extraction	📄 View

👉 Full Container Security Overview

---

🎭 Social Engineering

NEW! Social engineering techniques, phishing campaigns, and pretexting guides.

Topic	Description	Guide
Phishing	Email phishing, GoPhish, Evilginx2, vishing, smishing	📄 View
Pretexting	Personas, scenarios, psychological manipulation	📄 View

👉 Full Social Engineering Overview

---

📝 Reporting Templates

NEW! Professional report templates for pentesters and bug bounty hunters.

Template	Description	Guide
Pentest Report	Full penetration test report structure	📄 View
Bug Bounty Report	HackerOne/Bugcrowd submission template	📄 View
Executive Summary	Non-technical summary for C-level	📄 View

---

🔍 OSINT (Open Source Intelligence)

NEW! Complete OSINT methodology and tool guides.

Topic	Description	Guide
People Search	Find individuals online, phone/address lookup	📄 View
Email OSINT	Email discovery, breach checking, verification	📄 View
Social Media	Username search, platform-specific OSINT	📄 View
Domain & IP	WHOIS, DNS, subdomain, IP reconnaissance	📄 View
Image OSINT	Reverse image search, EXIF metadata	📄 View

👉 Full OSINT Overview

---

🌐 Network Pentesting

NEW! Complete network penetration testing guides.

Topic	Description	Guide
Port Scanning	Nmap, Masscan, RustScan	📄 View
Network Enumeration	SMB, SNMP, NFS, LDAP, DNS	📄 View
MITM Attacks	ARP spoofing, DNS spoofing, SSL strip	📄 View
Service Exploitation	FTP, SSH, SMB, RDP, databases	📄 View

👉 Full Network Pentesting Overview

---

🏁 CTF Cheatsheets

NEW! Complete CTF competition guides for HackTheBox, TryHackMe, PicoCTF.

Category	Description	Guide
Web	SQLi, XSS, SSTI, LFI, Auth bypass	📄 View
Crypto	RSA, AES, hashes, encoding, XOR	📄 View
Reverse Engineering	Ghidra, IDA, GDB, patching	📄 View
Forensics	Steganography, memory, disk, PCAP	📄 View
Pwn/Binary	Buffer overflow, ROP, shellcode	📄 View

👉 Full CTF Overview

---

📡 IoT Hacking

NEW! IoT device hacking, firmware analysis, and hardware hacking guides.

Topic	Description	Guide
Firmware Analysis	Binwalk, extraction, RE, secrets	📄 View
Hardware Hacking	UART, JTAG, SPI, I2C, debug ports	📄 View

👉 Full IoT Hacking Overview

---

📖 Cheatsheets

🔴 Exploitation Framework

Tool	Description	Cheatsheet
Metasploit Framework	The world's most used penetration testing framework	📄 View
Meterpreter	Advanced post-exploitation payload	📄 View
Mimikatz	Windows credential extraction tool	📄 View
PowerShell	Windows scripting for pentesting	📄 View
Linux Commands	Linux & Bash for pentesting	📄 View

🔍 Reconnaissance & Scanning

Tool	Description	Cheatsheet
Nmap	Network discovery and security auditing	📄 View
Gobuster	Directory/DNS/VHost brute-forcing	📄 View
Nikto	Web server scanner	📄 View

🌐 Web Application Testing

Tool	Description	Cheatsheet
SQLMap	SQL injection automation tool	📄 View
Burp Suite	Web application security testing platform	📄 View
OWASP ZAP	Free web app security scanner	📄 View

🔓 Password Cracking

Tool	Description	Cheatsheet
Hydra	Fast network login cracker	📄 View
John the Ripper	Legendary password cracker	📄 View
Hashcat	World's fastest GPU password cracker	📄 View

📡 Network Analysis

Tool	Description	Cheatsheet
Wireshark	Network protocol analyzer	📄 View
tcpdump	Command-line packet analyzer	📄 View

🐛 Bug Bounty

Tool	Description	Cheatsheet
⭐ BB Methodology	Complete bug bounty hunting guide	📄 View
Nuclei	Template-based vulnerability scanner	📄 View
ffuf	Fast web fuzzer	📄 View
Subfinder	Subdomain discovery	📄 View
httpx	HTTP probe & toolkit	📄 View
Amass	In-depth attack surface mapping	📄 View
GAU	Get All URLs from archives	📄 View
Katana	Next-gen web crawler	📄 View
Arjun	Hidden parameter discovery	📄 View
Dalfox	XSS vulnerability scanner	📄 View

💉 Payloads Collection

Vulnerability	Description	Cheatsheet
XSS	Cross-Site Scripting payloads	📄 View
SQLi	SQL Injection payloads	📄 View
LFI	Local File Inclusion payloads	📄 View
SSTI	Server-Side Template Injection	📄 View
Command Injection	OS command injection payloads	📄 View
NoSQL Injection	MongoDB, CouchDB, Redis payloads	📄 View
Deserialization	Java, PHP, Python, .NET payloads	📄 View
WebSocket Attacks	CSWSH, injection, hijacking	📄 View
GraphQL Injection	Introspection, IDOR, injection	📄 View

🔴 Web Vulnerabilities

Vulnerability	Description	Cheatsheet
API Security	REST/GraphQL/JWT testing guide	📄 View
IDOR	Insecure Direct Object Reference	📄 View
SSRF	Server-Side Request Forgery	📄 View
XXE	XML External Entity Injection	📄 View
Race Conditions	Timing & concurrency attacks	📄 View
Auth Bypass	Authentication bypass techniques	📄 View
CORS	Cross-Origin misconfigurations	📄 View
Open Redirect	URL redirect vulnerabilities	📄 View

🛡️ Advanced Attack Techniques

Topic	Description	Cheatsheet
WAF Bypass	Origin IP discovery & WAF evasion	📄 View
Cloudflare Bypass	Find origin IP behind Cloudflare	📄 View
Subdomain Takeover	Dangling CNAME exploitation	📄 View
Cache Poisoning	Web cache poisoning & deception	📄 View
HTTP Smuggling	Request smuggling (CL.TE/TE.CL)	📄 View
Prototype Pollution	JavaScript prototype attacks	📄 View

🔎 Dorking & OSINT

Tool	Description	Cheatsheet
Google Dorking	Advanced Google search techniques	📄 View
Shodan	IoT & device search engine	📄 View
GitHub Dorking	Secret hunting in repositories	📄 View

🔝 Privilege Escalation

Topic	Description	Cheatsheet
Linux PrivEsc	Linux privilege escalation techniques	📄 View
Windows PrivEsc	Windows privilege escalation techniques	📄 View

🔬 Digital Forensics

Tool	Description	Cheatsheet
Volatility	Memory forensics framework	📄 View
Autopsy	Digital forensics platform (GUI)	📄 View
ExifTool	Metadata extraction & analysis	📄 View
Binwalk	Firmware analysis & extraction	📄 View

🔄 Reverse Engineering

Tool	Description	Cheatsheet
Ghidra	NSA reverse engineering suite	📄 View
GDB	GNU Debugger (Linux debugging)	📄 View
x64dbg	Windows x64/x32 debugger	📄 View

📶 WiFi Hacking

Tool	Description	Cheatsheet
Aircrack-ng	WiFi hacking suite (WPA/WPA2)	📄 View
Wifite	Automated WiFi auditor	📄 View
Bettercap	Network attack framework (MITM/WiFi)	📄 View

🏢 Active Directory

Tool	Description	Cheatsheet
⭐ AD Methodology	Step-by-step attack guide	📄 View
BloodHound	AD attack path visualization	📄 View
Impacket	Python AD attack toolkit	📄 View
CrackMapExec	AD Swiss Army knife	📄 View
Rubeus	Kerberos abuse toolkit	📄 View
PowerView	PowerShell AD enumeration	📄 View
Responder	LLMNR/NBT-NS poisoning	📄 View
Evil-WinRM	WinRM shell for pentesters	📄 View
Kerbrute	Kerberos user enum & spray	📄 View

📚 Resources

Resource	Description	Cheatsheet
Wordlists	Complete wordlist reference guide	📄 View
Kali Linux Tools	600+ tools by category	📄 View

---

🚀 Quick Start

Clone the Repository

git clone https://github.com/Ilias1988/Hacking-Cheatsheets.git
cd Hacking-Cheatsheets

Browse Cheatsheets

Navigate to any tool folder and open the README.md file:

# View Metasploit cheatsheet
cat Metasploit/README.md

# Or open in your favorite editor
code Metasploit/

Offline Access

All cheatsheets are in Markdown format, making them:

• 📱 Mobile-friendly - Read on any device
• 🔌 Offline accessible - No internet required
• 🖨️ Printable - Create physical copies
• 🔍 Searchable - Use grep or your editor's search

---

📂 Repository Structure

Hacking-Cheatsheets/
│
├── README.md              # This file - Main index
├── LICENSE                # MIT License
├── CONTRIBUTING.md        # Contribution guidelines
├── .gitignore             # Git ignore rules
│
├── Metasploit/            # Metasploit Framework
│   ├── README.md          # Complete msfconsole guide
│   └── Meterpreter.md     # Meterpreter cheatsheet
│
├── Nmap/                  # Network Scanner
│   └── README.md          # Complete Nmap guide
│
├── Gobuster/              # Directory/DNS Enumeration
│   └── README.md          # Complete Gobuster guide
│
├── Nikto/                 # Web Server Scanner
│   └── README.md          # Complete Nikto guide
│
├── SQLMap/                # SQL Injection Tool
│   └── README.md          # Complete SQLMap guide
│
├── Burp-Suite/            # Web Application Testing
│   └── README.md          # Complete Burp Suite guide
│
├── OWASP-ZAP/             # OWASP Zed Attack Proxy
│   └── README.md          # Complete ZAP guide
│
├── Hydra/                 # Network Login Cracker
│   └── README.md          # Complete Hydra guide
│
├── John-The-Ripper/       # Password Cracker
│   └── README.md          # Complete John guide
│
├── Hashcat/               # GPU Password Cracker
│   └── README.md          # Complete Hashcat guide
│
├── Wireshark/             # Network Protocol Analyzer
│   └── README.md          # Complete Wireshark guide
│
├── tcpdump/               # Command-Line Packet Analyzer
│   └── README.md          # Complete tcpdump guide
│
├── Nuclei/                # Bug Bounty Scanner
│   └── README.md          # Complete Nuclei guide
│
├── ffuf/                  # Web Fuzzer
│   └── README.md          # Complete ffuf guide
│
├── Subfinder/             # Subdomain Discovery
│   └── README.md          # Complete Subfinder guide
│
├── httpx/                 # HTTP Probe & Toolkit
│   └── README.md          # Complete httpx guide
│
├── Google-Dorking/        # Google Search Hacking
│   └── README.md          # Complete Google Dorking guide
│
├── Shodan/                # IoT Search Engine
│   └── README.md          # Complete Shodan guide
│
├── GitHub-Dorking/        # Secret Hunting
│   └── README.md          # Complete GitHub Dorking guide
│
└── ...

---

🤝 Contributing

Contributions are welcome! Please read our Contributing Guidelines before submitting a pull request.

Ways to Contribute

• 📝 Add new cheatsheets for tools not yet covered
• 🔧 Improve existing cheatsheets with better examples
• 🐛 Report issues or suggest improvements
• 🌐 Translate cheatsheets to other languages
• ⭐ Star this repo to show your support!

---

⚠️ Legal Disclaimer

IMPORTANT: These cheatsheets are intended for educational purposes and authorized security testing only.

• ✅ Use on systems you own
• ✅ Use with explicit written permission
• ✅ Use in legal penetration testing engagements
• ❌ Never use for unauthorized access
• ❌ Never use for malicious purposes

Unauthorized access to computer systems is illegal. The authors are not responsible for any misuse of this information.

---

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

---

🌟 Show Your Support

If you find these cheatsheets useful, please consider:

• ⭐ Starring this repository
• 🍴 Forking to contribute
• 📢 Sharing with fellow security professionals
• 💬 Providing feedback for improvements

---

📬 Contact

• GitHub Issues - For bug reports and feature requests
• Pull Requests - For contributions

---

Happy Hacking! 🔴
Remember: Hack responsibly, hack ethically!

---

Made with ❤️ for the cybersecurity community