Cheat Sheets

Notes for quick reference on tools, languages, operating systems, ports, etc.

Technologies	Browsers, Cisco Switch, Laravel, Microsoft Excel, Microsoft SharePoint, Microsoft Teams (O365), Nexus, Oracle ILOM, Oracle Linux / Oracle Exadata, Oracle Forms, Pretty Good Privacy (PGP), WebRTC, HLC Domino / Notes, Proxy
Web Servers	Apache Tomcat Server, Apache Web Server
Other	Artificial Intelligence (AI), File Transfer, XAMPP – Apache, MySQL, PHP, and Perl, SAP, Upgrade to full shell / Spawning TTY Shell

Cloud

• Amazon Simple Storage Service (Amazon S3)
• Amazon Web Services (AWS)
• Google Cloud
• Google Cloud Storage
• Microsoft Azure

CMS

• Contentful
• Drupal
• Joomla!
• WordPress

Databases

• IBM DB2
• Microsoft SQL Server (MSSQL)
• MongoDB
• MySQL
• OLE DB – Database connector
• Oracle Database
• PostgreSQL
• Redis
• SQLite
• Sybase ASE

Languages & Data formats

• AJAX
• Angular / AngularJS
• Bash
• C
• C++
• CSS
• Comma-separated values (CSV)
• Electron / Atom Shell – Software Framework
• Flask – Python web application framework
• Go/Golang
• GraphQL
• HTML
• Java
• Javascript
• JSON
• JSON Web Token (JWT)
• Large Language Models (LLMs)
• Markdown
• Node.js
• .NET (C#, ASP.NET)
• Object-Graph Navigation Language (OGNL)
• Perl
• PHP
• Portable Document Format (PDF)
• Powershell
• Python
• React & JSX
• Regular Expressions (Regex)
• Ruby
• Security Assertion Markup Language (SAML)

Operating Systems (OS)

Unix

• Kali Linux
• Mac OS
• Unix

Windows

• Windows
• For Users & Groups, see Users & Groups & Active Directory (AD)

Ports & Protocols

• Ports & Protocols
• Port Forwarding / Tunneling
• Inter-process communication (IPC)
• Cisco Discovery Protocol (CDP)
• XML Configuration Access Protocol (XCAP)

Port(s)		Protocol / Service
21	TCP	FTP
22	TCP	Secure Shell (SSH)
23	TCP	Telnet | Telnet 3270 / tn3270
25	TCP	Simple Mail Transfer Protocol (SMTP)
53	TCP	Domain Name System (DNS)
80/443	TCP	Web Applications & APIs (HTTP / HTTPS)
88	TCP	Kerberos
110	TCP	Post Office Protocol (POP/POP3)
11	TCP	Network File System (NFS)
135/593	TCP	Microsoft Remote Procedure Call (MSRPC)
139/445	TCP	Samba / SMB
143/993	TCP	Internet Message Access Protocol (IMAP/IMAPS)
161	UDP	Simple Network Management Protocol (SNMP)
389	TCP	Active Directory (AD) / Lightweight Directory Access Protocol (LDAP)
464	TCP	kpasswd
512	TCP	rexec
631	TCP	Internet Printing Protocol (IPP)
995	TCP	POP3S (POP3-over-SSL/TLS)
1433	TCP	Microsoft SQL Server (MSSQL)
1521	TCP	Oracle Database
2401	TCP	Concurrent Versions System (CVS)
3306	TCP	MySQL
3389	TCP	Remote Desktop Protocol (RDP)
3690	TCP	Subversion (SVN)
3872/1158/1159	TCP	Oracle Enterprise Manager (OEM)
5000	TCP	Sybase ASE
5432	TCP	PostgreSQL
5800/5900	TCP	Virtual Network Computing (VNC)
5060	TCP	Session Initiating Protocol (SIP)
5985/5986	TCP	Windows Remote Management (WinRM)
6379	TCP	Redis
7878/7879	TCP	Oracle Weblogic
9043	TCP	IBM WebSphere
10000	TCP	Webmin
27017	TCP	MongoDB
50000	TCP	IBM DB2
50001	UDP	AnyDesk

Security Controls

• Antivirus
• Captcha
• Citrix
• Firewalls: Firewalla
• Keycloak
• Password managers: Enpass, KeePass, 1Password | AD Self-Service: PassCore, PWM (GitHub)
• Splunk
• VPNs: Cisco AnyConnect VPN
• Windows Defender

Tools

For more tools, see Bug Bounty Forum, Kali Linux Tools Listing, and Offsec Tools.

• airbase-ng
• aircrack-ng
• airdecap-ng
• aireplay-ng
• airmon-ng
• airodump-ng
• Anbox
• Android Debug Bridge (adb)
• Atomic Red Team
• Audacity
• Bandit
• Binwalk
• besside-ng
• BloodHound
• Browser Exploitation Framework (BeEF)
• Burp Suite
• Canvas
• CeWL
• CloudBrute
• CloudFail
• CMSmap
• cntlm
• Coercer
• Commix
• Core Impact
• Covenant
• Crackmapexec
• Crowbar
• Crunch
• Cuckoo Sandbox
• Cupp
• curl
• CutyCapt
• Decoder / Converter / Generator / Decryption Tools
• Dastardly
• Dirb
• Dirbuster
• Discover Scripts
• Dmitry – Deep Magic Information Gathering
• Docker
• Dradis
• Enum4Linux
• Ettercap
• Evans debugger (EDB)
• Exiftool
• FCrackZIP
• Fern Wifi Cracker
• ffdec
• Fierce
• fuzzdb
• gcc / g++
• ghidra
• Github / Git Client / Gitbook
• Gitleaks
• Gitrob
• GNU Debugger (GDB)
• Gobuster
• Google Hacking Database (GHDB)
• hash-identifier
• Hashcat
• HTTPrint
• HTTrack
• Hydra
• Immunity Debugger
• Impacket
• IOXIDResolver
• iptables
• John the Ripper (JtR)
• lbd
• ldapsearch
• LibreOffice
• Low Orbit Ion Cannon
• Maltego
• Manspider
• Masscan
• Metagoofil
• Metasploit
• Meterpreter
• Mimikatz
• Mingw-w64
• Mobile-Security-Framework (MobSF)
• Msfvenom
• Name-That-Hash
• Ncat
• Ncrack
• Nessus ($$$)
• Netcat
• ngrok
• Nikto
• Nmap
• OpenSSH
• OpenVAS
• OpenVPN
• OWASP ZAP
• Pacu
• PDFCrack
• ping & hping3
• PowerShell Empire
• PowerUp
• PowerView
• ProxyChains
• Prowler
• psudohash
• PwnDoc
• radare2
• Recon-ng
• Remote Desktop Caching
• Responder
• rexec
• rpcclient
• Rubeus
• SAINT
• Scapy
• SearchSploit
• Shellter
• SIPVicious
• Sliver
• smbclient
• Socat
• Social Engineering Toolkit (SET)
• Sonarqube
• SPARTA
• SQLmap
• SQLninja
• SQuirreL
• SSLscan
• SSLstrip
• Steghide
• sublist3r
• Sysinternals (AccessChk | Process Monitor | Sigcheck | TCPView)
• Tcpdump
• Telnet
• Tenable Network Security – Security Center
• TheHarvester
• TOR Browser
• Tplmap
• traceroute (command)
• Trufflehog
• Tsunami
• Twofi
• vi
• Vinetto
• VisualCodeGrepper
• Volatility
• wafw00f
• WhatWeb
• Wifi Pineapple
• Wifite
• Wine
• Wireshark
• WPScan, see WordPress