Beginner Ethical Hacking Cheat Sheet
Note: This guide is a quick reference for when you need help with commands and tips on some of the topics covered.
Kali Linux 🐉
The universal starting point
Use Case
- When you don't want to install everything on your own
- Every tool mentioned below comes ready out of the box.
OWASP ZAP ⚡
Use this tool to generate a basic vulnerability report
Use Case
- Report for a website
- Basic tests for XSS and SQL injection attacks.
SQLMap 💉
Use this tool when you want to test a web app whose backend is tied to a database; otherwise it won't be of much use
Use Case
- When you want to get access to a web app's DB
- When you want to get access to an OS or SQL shell, which is the final thing a "web app" needs, LOL!
- Just to randomly test sites on the internet with dorks and target them for bounty
hping3 🤞
Use this tool when you want to test whether a web app is vulnerable to DDoS or any kind of denial-of-service attack
Use Case
- When you want to make a service unusable
- Load testing and testing server configurations
Shhgit 👂
Use this tool to check for tokens that are leaked on GitHub or Bitbucket
Use Case
- When you want to protect your organization.
- Automate rotation of leaked keys.
Burp Suite 🥴
Wanna test the APIs of a web app and brute force? Then this is the way to go
Use Case
- When brute force is needed on a login page
- When a web app uses a lot of APIs, this tool kinda makes sense for finding any misconfiguration
- When you just want to list all the APIs that a particular web app communicates with