Security is powered by knowledge and your brain is your hard drive. Too bad that storage is temporary and the file system isn’t optimized for searching. Let’s face it, it’s nearly impossible to remember everything. Sure, the brain can store a tremendous amount of data. The problem is finding that useful piece of data when you need it. Remember back in high school when you (hopefully) produced some cheat sheets, carefully jotting down the most important facts on historical figures? Guess what? We do the same in pen testing. In order to combat the limited search option in our brain, we jot down useful concepts and commands for later use. Often we put them on the Net, freely available for anybody. Today I am showing you some of the cheat sheets I’ve been using over the years. I hope you find them useful!
And remember: there are tons of cheat sheets out on the Net to discover!
- Unix / Linux Command Reference (PDF)
- The one page Linux manual (PDF)
- All the Best Linux Cheat Sheets
- Cheat Sheet for Windows Command Prompt
- Various on PowerShell
- Various compendiums
- Google Hacking (PDF)
- Nmap Cheat Sheet (PDF)
- Metasploit Cheat Sheet
- PHP Security
- OWASP CSRF Prevention Cheat Sheet
- HTML5 Security Cheat Sheet
- OWASP Top Ten Cheat Sheet
- Mimikatz Kerberos Golden Ticket tutorial
Handling printouts or PDFs can be a hassle. Paper sheets floating around, never sure where you stored that particular PDF you need. That sucks. Luckily, someone took the effort to produce a cheat sheet book so you can misplace all cheats at once. Meet the RTFM: Red Team Field Manual by Ben Clark – a great book that contains lists upon lists with handy commands. It contains lists of useful commands on *NIX, Windows, networking, web, databases and whatnot. I have it right beside me at work. Whenever I need to know an obscure command, the book comes in and saves the day.