Page cover

Cheat Sheets & Resources

These are not intended to be definitive, but a resource to add to your cheat sheet tool kit.

A portion of these cheat sheets will only be relevant to the cybersecurity professionals that are specifically in a technical role. However, the key to being a good cybersecurity professional is to always be learning. You may not have to run SQL Injection tests in your career path, but you should understand the fundamental purpose of it.

General Resources

Cyberstash is a wonderful resource created by a fellow Redditor. A curated directory of cybersecurity tools and resources for infosec professionals.

The DoD Cybersecurity Reference Guide is a readily available references to support Security Cooperation across the USG, commercial sector, and U.S. allies and partners. Within this document, readers will find information regarding cybersecurity norms, best practices, policies, and standards written and adopted by the U.S. federal government, the U.S. Department of Defense, and recognized institutional standards.

Cheat Sheets

Kali Linux: https://www.comparitech.com/net-admin/kali-linux-cheat-sheet/

SQL Injection: https://portswigger.net/web-security/sql-injection/cheat-sheet

nmap: https://www.stationx.net/nmap-cheat-sheet/

OWASP's web security cheat sheets: https://cheatsheetseries.owasp.org/IndexTopTen.html

Metasploit: https://github.com/security-cheatsheet/metasploit-cheat-sheet

Wireshark: https://www.comparitech.com/net-admin/wireshark-cheat-sheet/

tcpdump: https://packetlife.net/media/library/12/tcpdump.pdf

vi: https://www.atmos.albany.edu/daes/atmclasses/atm350/vi_cheat_sheet.pdf

Burp Suite: https://www.sans.org/posters/burp-suite-cheat-sheet/

aircrack-ng: https://gist.github.com/dogrocker/86881d2403fee138487054da82d5dc2e

nessus: https://github.com/LimberDuck/nessus-cheat-sheet/blob/main/nessus-cheat-sheet.adoc

john the ripper: https://countuponsecurity.files.wordpress.com/2016/09/jtr-cheat-sheet.pdf

hashcat: https://github.com/frizb/Hashcat-Cheatsheet

sqlmap: https://gist.github.com/ingramali/af16d31eace1f90574147cbc94e9e965

openSSH: https://gist.github.com/githubfoam/95b375f3770cf2a1d88d8592a8c92e2b

SANS Ultimate List Of Cheat Sheets https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

Certificate Specific

CISSP

https://cdn.comparitech.com/wp-content/uploads/2020/01/CISSP-Cheat-Sheet-Domain-3.pdf

Security+

https://cheatography.com/sokoctopus/cheat-sheets/security-601-exam/

Offensive Security Certified Professional (there are no shortage of these):

https://gitlab.com/lagarian.smith/oscp-cheat-sheet/-/blob/master/OSCP_Notes.md

https://github.com/0xsyr0/OSCP

https://github.com/akenofu/OSCP-Cheat-Sheet

Offensive Security Experienced Professional

https://exploit-me.com/blog/osep-cheat-sheet/

Offensive Security Web Expert

https://jorgectf.gitbook.io/awae-oswe-preparation-resources/other-repositories

Offensive Security Exploit Developer

https://github.com/mrtouch93/OSED-Notes

Exploit and vulnerability resources

LogoOffensive Security’s Exploit Database Archive
LogoVulnerability & Exploit DatabaseRapid7
LogoVulnerability & Exploit DatabasePentest-Tools.com
LogoMITRE ATT&CK®
PreviousYouTube Channels & SubredditsNextNews

Last updated