Cheatography
https://cheatography.com
Common Terms
|
IP address a numerical label that identifies a computer on computer networks
|
|
port a number associated to a network protocol that receives or transmits communication for a specific service
|
|
CTF - Capture the Flag an information security competition that tests cybersecurity skills
|
|
enumeration process of systematically probing a target for information
|
|
Kali Linux a linux distribution pre-built with security tools
|
|
terminal a CLI (Command Line Interface) to interact with programs in the computer
|
Example: 192.168.1.1:22
- IP address: 192.168.1.1
- Port: 22
Common Security Tools
|
nmap a utility for network discovery and security auditing
|
|
hashcat a password cracking utility
|
|
dirbuster a utility to discover website directories that might exist
|
|
wpscan a scanning utility to gain information about a wordpress website
|
|
wfuzz a brute force utility
|
|
ssh a network communication protocol that enables two computers to communicate
|
|
nc Netcat is utility tool that uses that reads and writes to a network.
|
|
|
Helpful Command Line Tools
|
ls lists files
|
|
cat shows the contents of a file
|
|
find finds files that match a pattern
|
|
pwd displays the current folder's path
|
|
man shows documentation for a command
|
To look at the manual for the ls command, type: "man ls" without the quotes and hit enter. You can scroll with the arrow keys. Search for a word by typing "/word" without the quotes and hit enter. Exit a man document by typing "q"; make sure you are not in search mode.
Quick NMAP Commands
|
Example Commands Description of Command
|
|
nmap -p- 10.1.2.3 Attempt to find all the open ports for the target IP address.
|
|
nmap -sV -p80,443 10.1.2.3 Tries to find the service version of the software running on ports 80 and 443 for the target IP address.
|
|
nmap -A 10.1.2.3 Runs an aggressive scan that attempts to discover the Operating System, service version, traceroutes, and popular scripts against the target IP address.
|
|
nmap -sS 10.1.2.3 Runs a stealth Syn Scan on the target IP address.
|
10.1.2.3 is an example IP address. Replace with the one in your CTF.
Helpful WPScan Commands
|
wpscan --url 10.1.2.3 Starts a basic scan against the computer at IP Address 10.1.2.3
|
|
wpscan --url 10.1.2.3 --enumerate ap Runs a wordpress scan against 10.1.2.3
and attempts to enumerate all plugins |
|
wpscan --url 10.1.2.3 --enumerate u Runs a wordpress scan against 10.1.2.3
and attempts to enumerate usernames |
|
wpscan --url 10.1.2.3 --usernames admin --passwords passwords.txt Attempts to identify the password for the user admin on 10.1.2.3
using the password file passwords.txt
|
|
|
Helpful Commands
|
nc -nlvp 1234 Starts a netcat listener on your computer's port 1234. Netcat will listen and respond to traffic directed at this port. Useful for a exploiting a vulnerability.
|
|
python -c 'import pty; pty spawn("/bin/bash")' Reverse Shells can be unstable. This command attempts to stabalize any reverse shells with python.
|
|
find / -iname "*flag*" Searches the computer starting from the root (/) directory for files that match the pattern: [anything]flag[anything].
|
|
cat /home/kali/.ssh/config Displays the contents of the file config
from the folder path `/home/kali/.ssh/ |
|
ssh admin@10.1.2.3:22 Attempts a ssh connection to the computer at IP Address 10.1.2.3
on port 22
with the username admin
|
Popular File and Directories
|
/home/kali The home folder for the user kali
|
|
/etc System Configuration Files
|
|
/tmp A temporary filespace
|
|
/root The root user home folder
|
|
/var log files
|
|
/usr/share/wordlists A common Wordlist Directorey
|
|
/usr/share/wordlists/seclists A popular puplic collection of common security wordlists
|
|
/usr/share/wordlists/seclists/Passwords/Common-Credentials/best1050.txt A wordlist that contains a collection of 1050 popular passwords.
|
|
Created By
Metadata
Comments
No comments yet. Add yours below!
Add a Comment
Related Cheat Sheets