
Port Forwarding - CheatSheet
Practical summary of port forwarding/tunnelling techniques in Linux and Windows (SSH, socat, netcat, meterpreter, plink, and netsh) for accessing internal services behind firewalls.

Practical compilation of methods for transferring files during post-exploitation on Linux and Windows. Includes HTTP, Netcat, SCP, FTP, SMB, Certutil, PowerShell, and Powercat. Ideal for uploading tools or downloading data from the victim without Meterpreter or Empire.

Compilation of techniques for obtaining shell access in Windows after RCE. Includes in-memory PowerShell, Powercat, Regsvr32, HTA, Cscript, MSBuild, WMIC, Certutil, and tests against Windows Defender.

Complete guide to XSS vulnerabilities: types (Reflected, Stored, DOM-Based), filter bypass techniques, and payloads to evade validations and WAFs.

Updated compilation of the most common and useful reverse shells in pentesting. Includes Bash, Perl, Python, PHP, Ruby, Netcat, and bind shells. Also includes payloads generated with msfvenom and modern tools. Perfect for post-exploitation after obtaining RCE.