Pentest Cheatsheets

Kerberoasting, AS-REP roasting, BloodHound analysis, DACL abuse, DCSync, Pass-the-Hash, Pass-the-Ticket, ACL attacks, and domain persistence techniques.

SQL injection, XSS, SSRF, XXE, IDOR, authentication bypass, API security testing, JWT attacks, OAuth abuse, and business logic flaws with full payloads.

SUID/GUID, sudo misconfigs, cron jobs, capabilities, NFS, weak file permissions, kernel exploits, container escapes, and service exploitation.

AlwaysInstallElevated, unquoted service paths, DLL hijacking, token impersonation, SeImpersonatePrivilege, registry abuse, and UAC bypass techniques.