Cheat Sheets

Notes for quick reference on tools, languages, operating systems, ports, etc.

Technologies	Browsers, Cisco Switch, Laravel, Microsoft Excel, Microsoft SharePoint, Microsoft Teams (O365), Nexus, Oracle ILOM, Oracle Linux / Oracle Exadata, Oracle Forms, Oracle E-Business Suite (EBS), WebRTC, HLC Domino / Notes, Proxy Microsoft Office 365 (O365)
Other	Artificial Intelligence (AI), File Transfer, XAMPP – Apache, MySQL, PHP, and Perl, SAP, Upgrade to full shell / Spawning TTY Shell

CMS

• Contentful
• Drupal
• Joomla!
• WordPress

Databases

• IBM DB2
• Microsoft SQL Server (MSSQL)
• MongoDB
• MySQL
• OLE DB – Database connector
• Oracle Database
• PostgreSQL
• Redis
• SQLite
• Sybase ASE

Languages & Data formats

• AJAX
• Angular / AngularJS
• Bash
• C
• C++
• CSS
• Comma-separated values (CSV)
• Electron / Atom Shell – Software Framework
• Flask – Python web application framework
• Go/Golang
• GraphQL
• HTML
• Java
• Javascript
• JSON
• JSON Web Token (JWT)
• Kotlin
• Large Language Models (LLMs)
• Markdown
• Node.js
• .NET (C#, ASP.NET)
• Object-Graph Navigation Language (OGNL)
• Perl
• PHP
• Portable Document Format (PDF)
• Powershell
• Python
• React & JSX
• Regular Expressions (Regex)
• Ruby
• Security Assertion Markup Language (SAML)

Operating Systems (OS)

Unix

• Kali Linux
• Mac OS
• Unix

Windows

• Windows
• For Users & Groups, see Users & Groups & Active Directory (AD)

Web Servers

• Apache Tomcat Server
• Apache Web Server
• Microsoft IIS

Ports & Protocols

• Ports & Protocols
• Port Forwarding / Tunneling

Port(s)		Protocol / Service
21	TCP	FTP
22	TCP	Secure Shell (SSH)
23	TCP	Telnet | Telnet 3270 / tn3270
25	TCP	Simple Mail Transfer Protocol (SMTP)
53	TCP	Domain Name System (DNS)
80/443	TCP	Web Applications & APIs (HTTP / HTTPS) XML Configuration Access Protocol (XCAP), over HTTP
88	TCP	Kerberos
110/995	TCP	Post Office Protocol (POP/POP3/POP3S)
11	TCP	Network File System (NFS)
135/593	TCP	Microsoft Remote Procedure Call (MSRPC)
139/445	TCP	Samba / SMB
143/993	TCP	Internet Message Access Protocol (IMAP/IMAPS)
161	UDP	Simple Network Management Protocol (SNMP)
389	TCP	Active Directory (AD) / Lightweight Directory Access Protocol (LDAP)
464	TCP	kpasswd
512	TCP	rexec
631	TCP	Internet Printing Protocol (IPP)
1433	TCP	Microsoft SQL Server (MSSQL)
1521	TCP	Oracle Database
2401	TCP	Concurrent Versions System (CVS)
3306	TCP	MySQL
3389	TCP	Remote Desktop Protocol (RDP)
3690	TCP	Subversion (SVN)
3872/1158/1159	TCP	Oracle Enterprise Manager (OEM)
5000	TCP	Sybase ASE
5432	TCP	PostgreSQL
5800/5900	TCP	Virtual Network Computing (VNC)
5060	TCP	Session Initiating Protocol (SIP)
5985/5986	TCP	Windows Remote Management (WinRM)
6379	TCP	Redis
7878/7879	TCP	Oracle Weblogic
9043	TCP	IBM WebSphere
10000	TCP	Webmin
27017	TCP	MongoDB
50000	TCP	IBM DB2
50001	UDP	AnyDesk
Data Link OSI Layer 2		Cisco Discovery Protocol (CDP)
		Inter-process communication (IPC)

Security Controls

• Antivirus
• Captcha
• Citrix
• Firewalls: Firewalla
• Keycloak
• Password managers: Enpass, KeePass, 1Password | AD Self-Service: PassCore, PWM (GitHub)
• Pretty Good Privacy (PGP)
• Splunk
• VPNs: Cisco AnyConnect VPN
• Web Application Firewalls: Cloudflare
• Windows Defender

Tools

For more tools, see Bug Bounty Forum, Kali Linux Tools Listing, and Offsec Tools.

• airbase-ng
• aircrack-ng
• airdecap-ng
• aireplay-ng
• airmon-ng
• airodump-ng
• Anbox
• Android Debug Bridge (adb)
• Atomic Red Team
• Audacity
• Bandit
• Binwalk
• besside-ng
• BloodHound
• Browser Exploitation Framework (BeEF)
• Burp Suite
• Canvas
• Certipy
• CeWL
• CloudBrute
• CloudFail
• CMSmap
• cntlm
• Coercer
• Commix
• Core Impact
• Covenant
• Crackmapexec
• Crowbar
• Crunch
• Cuckoo Sandbox
• Cupp
• curl
• CutyCapt
• Decoder / Converter / Generator / Decryption Tools
• Dastardly
• Dirb
• Dirbuster
• Discover Scripts
• Dmitry – Deep Magic Information Gathering
• Docker
• Dradis
• Enum4Linux
• Ettercap
• Evans debugger (EDB)
• Exiftool
• FCrackZIP
• Fern Wifi Cracker
• ffdec
• FFmpeg
• Fierce
• fuzzdb
• gcc / g++
• ghidra
• Github / Git Client / Gitbook
• Gitleaks
• Gitrob
• GNU Debugger (GDB)
• Gobuster
• Google Hacking Database (GHDB)
• hash-identifier
• Hashcat
• HTTPrint
• HTTrack
• Hydra
• Immunity Debugger
• Impacket
• IOXIDResolver
• iptables
• John the Ripper (JtR)
• lbd
• LDAP Nom Nom
• ldapsearch
• LibreOffice
• Low Orbit Ion Cannon
• Maltego
• Manspider
• Masscan
• Metagoofil
• Metasploit
• Meterpreter
• Microsoft Visio
• Mimikatz
• Mingw-w64
• Mobile-Security-Framework (MobSF)
• Msfvenom
• Name-That-Hash
• Ncat
• Ncrack
• Nessus ($$$)
• Netcat
• ngrok
• Nikto
• Nmap
• OpenSSH
• OpenVAS
• OpenVPN
• OWASP ZAP
• Pacu
• PDFCrack
• ping & hping3
• PowerShell Empire
• PowerUp
• PowerView
• ProxyChains
• Prowler
• psudohash
• Putty
• PwnDoc
• radare2
• Recon-ng
• Remote Desktop Caching
• Responder
• rexec
• rpcclient
• Rubeus
• SAINT
• Scapy
• SearchSploit
• Shellter
• SIPVicious
• Sliver
• smbclient
• Socat
• Social Engineering Toolkit (SET)
• Sonarqube
• SPARTA
• SQLmap
• SQLninja
• SQuirreL
• SSLscan
• SSLstrip
• Steghide
• sublist3r
• Sysinternals (AccessChk | Process Monitor | Sigcheck | TCPView)
• Tcpdump
• Telnet
• Tenable Network Security – Security Center
• TheHarvester
• TOR Browser
• Tplmap
• traceroute (command)
• Trufflehog
• Tsunami
• Twofi
• vi
• Vinetto
• VisualCodeGrepper
• Volatility
• wafw00f
• WhatWeb
• Wifi Pineapple
• Wifite
• Wine
• Wireshark
• WPScan, see WordPress