
A Remark about Cheat Sheets
Everyone knows that cheat sheets are hip! They are especially helpful if you already understand the fundamentals of a subject but need to look up specifics when you are unsure of something.
It can be challenging to remember everything, especially if you are new to the subject and have to absorb a lot of new information at once.
Let’s say you’re a security analyst who has just started your career. You will need to learn many new tools, command options, attacks, and other things. How can every IP address in a network be quickly looked up using reverse DNS? How can a specific nmap script be run against all servers listening on port 23? How do you display the details of a TLS service certificate? What has changed in the Metasploit payload generation tool? What does the logonpasswords command in mimikatz do? And once again, how do I reuse relayed NTLM sessions over SOCKS? Okay, I believe you get the idea; it’s not so simple, is it?
Hacking Tools Cheat Sheet
- Basic Linux Networking Tools (ip, dig)
- Information Gathering (whois, CT logs, subdomain enumeration)
- TCP Tools (ncat)
- TLS Tools (openssl, ncat, sslyze, socat)
- HTTP Tools (python webserver, curl, nikto, gobuster)
- Sniffing (ARP spoofing, tcpdump, Wireshark, …)
- Network Scanning (nmap, masscan)
- Shells (Bind/reverse shells)
- Vulnerability DBs and Exploits (searchsploit and some links)
- Cracking (ncrack, hashcat, John the Ripper)
- Metasploit Framework (Use exploits, generate shells, shell listeners, meterpreter, pivoting, SOCKS proxying)
- Linux Privilege Escalation (LinEnum, lynis, GTFOBins)
- Windows Privilege Escalation (PowerSploit, smbmap)
- Windows Credentials Gathering (mimikatz, lsadump)
- Pass-The-Hash (lots of impacket tools)
- NTLM Relay (ntlmrelayx, SOCKS proxying)
- Active Directory (BloodHound & PingCastle)
- Online References