“UGH! Whats the command to [insert function here]?”
Shortcuts, hot-keys, and power use is leveraged through knowing application commands. Sad thing is, if you aren’t in the application all the time, it’s easy to remember that it can be done, but tough to recall the keystrokes to accomplish it. FEAR NOT INFOSEC COMPATRIOTS! I got you.
Here is a curated list of cheat sheets for many popular tech in our cybersecurity space. I’ve been compiling them for a bit, but this seems like the group that would most benefit. Cheers!
I didnt create any of these cheatsheets, so much love and appreciation to the authors themselves. We all win.
Gerry’s Cheatsheets Compilation
-
OWASP Compilation of Cheat Sheets OWASP Compilation of Cheat Sheets
-
Privilege-Escalation: This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples. Privilege-Escalation
-
Malware analysis tools and resources. Malware analysis tools and resources
-
Analyzing Malicious Documents Cheat Sheet Analyzing Malicious Documents Cheat Sheet
-
ReverseEngineering Cheat Sheet ReverseEngineering Cheat Sheet
-
SQL Injection | Various DBs SQL Injection | Various DBs
-
Nmap Cheat Sheet and Pro Tips Nmap Cheat Sheet and Pro Tips
-
PENTESTING LocalFileInclude Cheat Sheet PENTESTING LocalFileInclude Cheat Sheet
-
Penetration Testing Tools Cheat Sheet Penetration Testing Tools Cheat Sheet
-
Reverse Shell Cheat Sheet Reverse Shell Cheat Sheet
-
nbtscan Cheat Sheet nbtscan Cheat Sheet
-
Linux Commands Cheat Sheet Linux Commands Cheat Sheet
-
Kali Linux Cheat Sheet Kali Linux Cheat Sheet
-
Hacking Tools Cheat Sheet (Diff tools) Hacking Tools Cheat Sheet (Diff tools)
-
Google Search Operators: The Complete List (42 Advanced Operators) Google Search Operators: The Complete List (42 Advanced Operators)
-
(Multiple) (Good) Cheat Sheets - Imgur Imgur Cheat Sheets
-
Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. Active-Directory-Exploitation-Cheat-Sheet
-
Shodan Query Filters Shodan Query Filters
-
Getting Real with XSS - A reference on the new techniques to XSS Getting Real with XSS
-
SANS Massive List of Cheat Sheets Curated from here: SANS Cheat Sheets
General IT Security
-
Windows and Linux Terminals & Command Lines Windows and Linux Terminals & Command Lines
-
TCP/IP and tcpdump TCP/IP and tcpdump
-
IPv6 Pocket Guide IPv6 Pocket Guide
-
Powershell Cheat Sheet Powershell Cheat Sheet
-
Writing Tips for IT Professionals Writing Tips for IT Professionals
-
Tips for Creating and Managing New IT Products Tips for Creating and Managing New IT Products
-
Tips for Getting the Right IT Job Tips for Getting the Right IT Job
-
Tips for Creating a Strong Cybersecurity Assessment Report Tips for Creating a Strong Cybersecurity Assessment Report
-
Critical Log Review Checklist for Security Incidents Critical Log Review Checklist for Security Incidents
-
Security Architecture Cheat Sheet for Internet Applications Security Architecture Cheat Sheet for Internet Applications
-
Tips for Troubleshooting Human Communications Tips for Troubleshooting Human Communications
-
Security Incident Survey Cheat Sheet for Server Administrators Security Incident Survey Cheat Sheet for Server Administrators
-
Network DDoS Incident Response Cheat Sheet Network DDoS Incident Response Cheat Sheet
-
Information Security Assessment RFP Cheat Sheet Information Security Assessment RFP Cheat Sheet
Digital Forensics and Incident Response
-
SIFT Workstation Cheat Sheet SIFT Workstation Cheat Sheet
-
Plaso Filtering Cheat Sheet Plaso Filtering Cheat Sheet
-
Tips for Reverse-Engineering Malicious Code Tips for Reverse-Engineering Malicious Code
-
REMnux Usage Tips for Malware Analysis on Linux REMnux Usage Tips for Malware Analysis on Linux
-
Analyzing Malicious Documents Analyzing Malicious Documents
-
Malware Analysis and Reverse-Engineering Cheat Sheet Malware Analysis and Reverse-Engineering Cheat Sheet
-
SQlite Pocket Reference Guide SQlite Pocket Reference Guide
-
Eric Zimmerman’s tools Cheat Sheet Eric Zimmerman’s tools Cheat Sheet
-
Rekall Memory Forensics Cheat Sheet Rekall Memory Forensics Cheat Sheet
-
Linux Shell Survival Guide Linux Shell Survival Guide
-
Windows to Unix Cheat Sheet Windows to Unix Cheat Sheet
-
Memory Forensics Cheat Sheet Memory Forensics Cheat Sheet
-
Hex and Regex Forensics Cheat Sheet Hex and Regex Forensics Cheat Sheet
-
FOR518 Mac & iOS HFS+ Filesystem Reference Sheet FOR518 Mac & iOS HFS+ Filesystem Reference Sheet
The majority of DFIR Cheat Sheets can be found here.
Penetration Testing
-
Windows Intrusion Discovery Cheat Sheet v3.0 Windows Intrusion Discovery Cheat Sheet v3.0
-
Intrusion Discovery Cheat Sheet v2.0 (Linux) Intrusion Discovery Cheat Sheet v2.0 (Linux)
-
Intrusion Discovery Cheat Sheet v2.0 (Windows 2000) Intrusion Discovery Cheat Sheet v2.0 (Windows 2000)
-
Windows Command Line Windows Command Line
-
Netcat Cheat Sheet Netcat Cheat Sheet
-
Misc Tools Cheat Sheet Misc Tools Cheat Sheet
-
Python 3 Essentials Python 3 Essentials
-
Windows Command Line Cheat Sheet Windows Command Line Cheat Sheet
-
SMB Access from Linux Cheat Sheet SMB Access from Linux Cheat Sheet
-
Pivot Cheat Sheet Pivot Cheat Sheet
-
Google Hacking and Defense Cheat Sheet Google Hacking and Defense Cheat Sheet
-
Scapy Cheat Sheet Scapy Cheat Sheet
-
Nmap Cheat Sheet Nmap Cheat Sheet
Cloud Security
- Multicloud Cheat Sheet Multicloud Cheat Sheet
All Around Defender Primers
-
Linux CLI 101 Linux CLI 101
-
Linux CLI Linux CLI
-
PowerShell Primer PowerShell Primer
-
PowerShell Get-WinEvent PowerShell Get-WinEvent
Anyone have a strategy/tool they have found useful for aggregating these cheat sheets and then searching across them in-practice? For a while I’ve been compiling my own plaintext-based cheat sheets in flat files in a single dir and then searching across them using atom - copying/pasting out of there.
I’ve been using Obsidian. I copy the parts that I think will be most relevant to me along with a link back to where I found it. Depending on what it is sometimes I create/save and include an archive.org link in case the original post disappears. For pages that are more important I’ll also create an offline copy of the page using the SingleFile browser extension. Obsidian is where the bulk of everything I want to reference later goes though and it makes searching easy. Since it’s just markdown you could probably drop your folders of plaintext files into the Obsidian folder structure and it would, I think, just add them.
Actually that’s wrong – by default it won’t open them, but this has options: https://www.reddit.com/r/ObsidianMD/comments/qgyjij/obsidian_and_txt_files_getting_started/
Yeah I too have obsidian and moved some things in there. Cool!