Web
Web is usually the entry point at security in general.
Here I'll be mainly covering some tools that can help you when you do things related to web pentesting.
In the future I plan to write a guide on what you should usually do in each situation, but remember that's not a rule.
Table of Contents
Initial Enumerating
nmap - Nmap is an utility for network discovery and security auditing
WPScan - A black box WordPress vulnerability scanner.
Payloads and Reverse Shells
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF.
PHP Web Shells - Common PHP shells.
Scripts
LinuxPrivChecker - Script made to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits.
LinEnum - Scripted Local Linux Enumeration & Privilege Escalation Checks
Cheat Sheets
Last updated