OK, so we’d all like to be 1337 and know everything without missing a beat, but for mere mortals like myself I find that impossible so I’m a fan of the various cheat sheets that people and organisations put out for succinct, to the point memory joggers.
I’ve got links to these scattered in various places and I’ve been meaning to get them organised in single location for a while, Lenny Zeltser’s recent tweet (@lennyzeltser) pointing out a couple of new resources gave me a reminder that this has been on my to-do list for too long, so here goes:
- SANS – Intrusion Discovery (Linux)
- SANS – Intrusion Discovery (Windows)
- SANS – Netcat
- SANS – Misc. Tools (Hping, Metasploit & fgDump)
- SANS – Windows Commandline
- SANS – TCP/IP & tcpdump
- SANS – Google Hacking
- SANS Forensics – USB Forensics on XP
- SANS Forensics – USB Forensics on Vista/Win7
- Lenny Zeltser – DDoS incident handling
- Lenny Zeltser – Reverse Engineering
- Lenny Zeltser – Security Achitecture for Internet Applications (added 2009-06-22)
- Lenny Zeltser – Analysing Malicious Documents (added 2009-11-20)
- Josh Wright – IEEE802.11 Pocket Reference
- SecGuru – Nessus & Nmap
- Security By Default – Nmap 5
- DeviantArt – Visual Hardware
- TechNet – PowerShell Quick Referense
- Cheat Sheets.org – Too Numerous too list
- Greebo.net – OWASP 2010 Top 10
- BlueLiv – Meterpreter
- Counterhack – Permission Memo (OK, not strictly a cheat sheet, but still a handy template/guide)
- CERT Societe Generale – Worm Infection Incident Response Methodology (IRM)
- CERT Societe Generale – Windows Intrusion IRM
- Jens Roesen – CheckPoint CLI Reference
- OWASP – Multiple webapp cheat sheets
- Pentest Monkey – SSH cheat sheet (with examples)
If you’ve got some resources I’ve missed, then please feel free to share.
Likewise, if you created one of the linked to resources and don’t want the link here, just let me know and I’ll remove it. These resources have saved my bacon on numerous occasions so I definitely don’t want to be stepping on anyone’s toes.
— Andrew Waite
Thanks for posting these. It is nice to have all the lists in one place. I have a new blog on Data Privacy Insurance. If you'd like to follow it and make comments, go to http://www.iprotectyourdata.wordpress.com. I'm looking forward to reading more of your posts.
Thanks for the comment, just taking a look at your blog and looks good. I'll be keeping an eye on it for more new content.
Nice work Andrew.
I will certainly come back and have a good read through when I have some time.
Nice work Andrew.
I will certainly come back and have a good read through when I have some time.