Interactive Cheatsheets

Searchable command references for pentesting, CTF, and security research. Click any command to copy.

All exploitation (7) web-pentest (7) active-directory (6) recon (3) mobile-pentest (2) network-pentest (2) cloud-pentest (1) privesc (1) forensics (1)

active-directory

Responder — LLMNR/NBT-NS Poisoning

Responder poisons LLMNR, NBT-NS, and mDNS to capture NTLMv2 hashes from Windows hosts on the local n…

active-directory

Impacket — Windows & Active Directory Attacks

Impacket Python library with tools for SMB, MSRPC, Kerberos, NTLM, WMI, and AD attacks.

active-directory

Mimikatz — Windows Credential Dumping

Mimikatz extracts plaintext passwords, hashes, PIN codes, and Kerberos tickets from Windows memory.

active-directory

Kerbrute & Rubeus — Kerberos Attacks

Kerbrute for username enumeration and password spraying; Rubeus for full Kerberos attack toolkit.

active-directory

BloodHound — Active Directory Attack Path Analysis

BloodHound maps Active Directory attack paths using graph theory to find privilege escalation routes…

active-directory

NetExec (CrackMapExec) — AD Lateral Movement

NetExec (nxc) — the Swiss Army knife for Windows/AD lateral movement, credential spraying, and post-…