explaingit

olivierlaflamme/cheatsheet-god

5,536Audience · ops devopsComplexity · 1/5LicenseSetup · easy

TLDR

A large reference collection of penetration testing commands, techniques, and curated learning resources assembled to support OSCP certification preparation and hands-on security practice in CTF and lab environments.

Mindmap

mindmap
  root((Cheatsheet-God))
    What it does
      Pentest reference
      Command lookup
      Resource links
    Topics
      Network scanning
      Web app testing
      Privilege escalation
      Windows and Linux
    Use Cases
      OSCP prep
      CTF competitions
      Red team practice
    External Resources
      Hack The Box
      TryHackMe
      OWASP guides
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Look up exact commands for network scanning, web app testing, or privilege escalation during an OSCP lab session.

USE CASE 2

Use the curated resource links to find practice labs on Hack The Box or TryHackMe while studying for OSCP.

USE CASE 3

Keep the cheatsheets open as a quick reference during a Capture the Flag competition to avoid forgetting command syntax.

USE CASE 4

Discover security research blogs, testing methodologies, and video channels recommended by practitioners.

Getting it running

Difficulty · easy Time to first run · 5min
Free to share and adapt as long as you give credit and release your changes under the same Creative Commons license.

In plain English

Cheatsheet-God is a large reference collection for people studying or practicing penetration testing, which is the practice of legally testing computer systems and networks for security weaknesses. The repository was assembled to support preparation for the OSCP and related certifications, which are hands-on security credentials that require demonstrating practical hacking skills in controlled environments. The content is organized as text files covering different areas of security testing. These include notes on how to scan networks for open services, how to find and use known software vulnerabilities, how to attack web applications, how to work with Windows and Linux systems during a test, and how to escalate access once inside a system. The files are designed to be quick-reference guides rather than full tutorials, giving commands and techniques in a condensed format. Beyond the cheatsheet files, the README links to a very large set of external resources the author has collected over time. These include blogs written by security researchers, forums where practitioners discuss techniques, practice lab platforms where you can legally attack intentionally vulnerable machines (such as Hack The Box, TryHackMe, and VulnHub), video channels, and links to established testing methodologies from organizations like OWASP. The collection spans both free and paid resources. The project is licensed under Creative Commons CC-BY-SA 4.0, meaning anyone can use and share the material as long as they give credit and share changes under the same terms. Contributions from other researchers have been incorporated and credited in the README. This is a reference repository, not software to run. Its value is as a single place to look up commands and find learning resources rather than having dozens of separate bookmarks. The full README is longer than what was shown.

Copy-paste prompts

Prompt 1
From Cheatsheet-God, give me the key commands for enumerating open ports and services on a target Linux machine during a penetration test.
Prompt 2
I'm studying for OSCP, which sections of Cheatsheet-God cover Windows privilege escalation and how do I use those techniques on a Hack The Box machine?
Prompt 3
Using the web application testing section, walk me through the steps to manually test a login form for SQL injection and XSS.
Prompt 4
What OWASP resources and external methodology links does Cheatsheet-God reference for building a full penetration test workflow?
Prompt 5
Give me the post-exploitation commands from Cheatsheet-God for maintaining access and pivoting to other hosts after initial compromise.
Open on GitHub → Explain another repo

← olivierlaflamme on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.