Skip to content

PANDORE | Cheatsheet for Cybersecurity

Checklist

PANDORE | Cheatsheet for Cybersecurity

Home
Guide
Guide
- BugBounty
  BugBounty
  - Checklist
  - CheatSheet
- OSCP
  OSCP
  - HowTo
- SQLI
  SQLI
Pentest
Pentest
- Web
  Web
  - Tools
    
    Tools
  - Authentication, sessions & cookies
    
    Authentication, sessions & cookies
    
    Bruteforce
    
    Bruteforce
    
    Hydra
    Hydra
    
    Hydra-Cheatsheet
  - Data verification
    
    Data verification
  - Directories
    
    Directories
    
    Path Disclosure
    
    Path Disclosure
    
    Inspathx
    
    Nikto
    
    Path Enumeration
    
    Path Enumeration
    
    Gobuster
    
    Dirb
    
    Dirsearch
    
    Traversal
    
    Traversal
    
    Dotdotpwn
  - Exposures information
    
    Exposures information
  - Injection | Inclusion
    
    Injection | Inclusion
    
    Command Injection
    
    Command Injection
    
    Payload List
    
    Cross Site Scripting XSS
    
    Cross Site Scripting XSS
    
    Cheetset
    
    Cross Site Request Forgery CSRF
    
    Cross Site Request Forgery CSRF
    
    IDOR
    
    IDOR
    
    Local/Remote file inclusion LFI/RFI
    
    Local/Remote file inclusion LFI/RFI
    
    File Upload
    
    SQL injection SQLi
    
    SQL injection SQLi
    
    Login Bypass
    
    My SQL
    
    Oracle SQL
    
    Postgre SQL
    
    Sql map
    
    Server-side Request Forgery SSRF
    
    Server-side Request Forgery SSRF
  - Snifing
    
    Snifing
    
    Burp Cheat Sheet
- Exploitation
  Exploitation
  - Metasploit
- Réseau
  Réseau
  - Scanning
    
    Scanning
    
    Nmap Cheat Sheet
  - Enumeration
    
    Enumeration
    
    FTP/21
    
    SSH/22
    
    SMB/193,445
    
    HTTP/HTTPS
    
    RDP
    
    SMTP
- Software
  Software
  - Exchange
    
    Exchange
    
    Checklist
- Cloud
  Cloud
  - Active Directory
    
    Active Directory
    
    Checklist
    
    Kerberos
    
    Impacket
- Cms
  Cms
  - Wordpress
    
    Wordpress
    
    WP Scan
  - Drupal
    
    Drupal
  - Joomla
    
    Joomla
  - Magento
    
    Magento
- Linux
  Linux
  - Command & Control
  - Enumeration
    
    Enumeration
    
    Lin Enum
  - Privilege Escalation
    
    Privilege Escalation
  - Persistence
    
    Persistence
  - Shell
    
    Shell
    
    Web Shell
    
    Reverse Shell
- Windows
  Windows
  - MimiKatz
  - Privilege Escalation
    
    Privilege Escalation
    
    Checklist
    
    Domain
  - Persistence
    
    Persistence
    
    Checklist
    
    Domain
Programation
Programation
- High Level
  High Level
  - python
    
    python
  - php
    
    php
  - javascript
    
    javascript
- Low Level
  Low Level
  - ASM
    
    ASM
  - C
    
    C
Cryptographie
Cryptographie
- Hash Crack
  Hash Crack
- Encode | Decode
  Encode | Decode
Forensics
Forensics
- Steganographie
  Steganographie
  - File
    
    File
Network
Network
- Wifi
  Wifi
  - Cracking
  - Reaver
OSINT
OSINT
Pwn
Pwn
- System
  System
  - Buffer Overflows
Reverse Enginering
Reverse Enginering
Ressources
Ressources
Bookmarks
Bookmarks
Writeup
Writeup
- CTF
  CTF
References
References

Bug Bounty Checklist and Cheatsheets

HowToHunt – WAPT
HolyTips – Authenication
binarybrotherhood – Oauth Misconfiguration
HolyTips – File Upload
Notion – IDOR
Portswigger – XSS
Portswigger – SQLi
Medium – XXE
0xn3va – SSRF
Google Drive – 2FA
0xn3va – CORS
Medium – Business Logic Flaws
Hacktricks – CSRF
Thehackerish – Insecure deserialization
0xn3va – Web Cache Poisoning
Portswigger – HTTP request smuggling
Swisskyrepo – Command Injection
E11i0t4lders0n – SAML
Pandaonair – Race Condition
Janijay007 – S3 Bucket Misconfiguration
Portswigger – Server-Side Template Injection
Portswigger – WebSockets Vulnerabilities