Nmap Cheatsheet
Nmap is a powerful open-source tool commonly used by system/network administrators and security professionals to perform network discovery, security auditing, and basic vulnerability assessment.
Infosec for Beginners
EyeWitness Cheatsheet
Offensive Purpose: Efficient way to gather info about web services & their hosting infrastructure. Automates taking screenshots for quick & easy review.
Hashcat Cheatsheet
Hashcat is a powerful tool for recovering lost passwords, and, thanks to GPU acceleration, it’s one of the fastest. It works by rapidly trying different password guesses to determine the original password from its scrambled (hashed) version.
Wireshark Cheatsheet
Wireshark is an incredible tool used to read and analyze network traffic coming in and out of an endpoint. Additionally, it can load previously captured traffic to assist with troubleshooting network issues or analyze malicious traffic to help determine what a threat actor is doing on your network.
Burp Suite Cheatsheet
Burp Suite is an intercepting HTTP proxy that can also scan a web-based service for vulnerabilities. A tool like this is indispensable for testing web applications. Burp Suite is written in Java and comes bundled with a JVM, so it works on any operating system you’re likely to use.
GraphRunner Cheatsheet
GraphRunner is a collection of post-exploitation PowerShell modules for interacting with the Microsoft Graph API. It provides modules for enumeration, exfiltration, persistence, and more!
DNS Triage Cheatsheet
DNS Triage is a reconnaissance tool that finds information about an organization’s infrastructure, software, and third-party services as fast as possible. The goal of DNS Triage is not to exhaustively find every technology asset that exists on the internet. The goal is to find the most commonly abused items of interest for real attackers.
John Strand’s 5 Phase Plan For Starting in Computer Security
This article was originally published in the SOC Issue of our PROMPT# zine, which you can read for free HERE. The information was adapted from the 2018 webcast “John Strand’s […]
What Is Penetration Testing?
In today’s world, security is more important than ever. As organizations increasingly rely on technology to drive business, digital threats are becoming more sophisticated, varied, and difficult to defend against. […]