Archive - Learn Pentesting like a Pro!

New

Top

Path Traversal Cheat Sheet

List of useful paths to exploit path traversal in Windows and Linux

Mar 27 •

pentesting.academy

February 2023

Basic recommendations to avoid #ransomware attacks

CISA give us some guidance to avoid this raising trend: Preparing for Ransomware Maintain offline backups of data, and regularly test backup and…

Feb 28 •

pentesting.academy

Apply this 10 rules to defend your Kubernetes cluster properly

Ten security recommendations to protect your Kubernetes deployment

Feb 20 •

pentesting.academy

Patch your VMware ESXi now!

Ransomware attacks are raising against ESXi infrastructure

Feb 13 •

pentesting.academy

✅ Quick guide for password cracking

Learn different techniques to create custom wordlists from the content of a website and how to use John the Ripper or Hashcat to crack Windows or Linux…

Feb 8 •

pentesting.academy

SSRF cheat sheet for AWS, GCP and Azure

In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources. The attacker…

Feb 6 •

pentesting.academy

🥷 Top sites for passive reconnaissance

Passive reconnaissance is a critical step for bug bounties or penetration testing engagements, get ready!

Feb 3 •

pentesting.academy

January 2023

Top 10 smart contract vulnerabilities on Ethereum

Understand what are the most common security threats within the Ethereum Smart Contracts

Jan 21 •

pentesting.academy

Hacking Ethereum EVM: Get Txs & OPcodes basics

To grab big bounties in Web3 you rather get inside the Matrix =D

Jan 20 •

pentesting.academy

How to scan a host with RustScan

After using nmap and unicornscan for a while, RustScan is probably the fastest to scan TCP and UDP ports, learn how to use it

Jan 18 •

pentesting.academy

Fuzzing with Radamsa in BlackArch

When looking for new vulnerabilities, fuzzing, is a great technique to crash apps with unexpected data, learn how to do it.

Jan 18 •

pentesting.academy

✅ Best commands for Port Scanning — For OSCP, pentests, bug bounties

Learn several techniques to scan hosts, bypass firewalls and scan the whole IPv4 universe.

Jan 13 •

pentesting.academy

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts