Cheat Sheets

Notes for quick reference on tools, languages, operating systems, ports, etc.

Content Management System (CMS)
Databases
Languages & Data formats
Operating Systems (OS)
Hypervisors
Web Servers
Ports & Protocols
Security Controls
Tools

Other Cheat Sheets:

Browsers, Cisco Switch, Laravel, Microsoft Excel, Microsoft SharePoint, Microsoft Teams (O365), Nexus, Oracle ILOM, Oracle Linux / Oracle Exadata, Oracle Forms, Oracle E-Business Suite (EBS), WebRTC, HLC Domino / Notes, Proxy
Microsoft Office 365 (O365), File Transfer, XAMPP – Apache, MySQL, PHP, and Perl, SAP, Upgrade to full shell / Spawning TTY Shell, Privacy

Content Management System (CMS)

Databases

Languages & Data formats

AJAX
Angular / AngularJS
Bash
C
C++
CSS
Comma-separated values (CSV)
Electron / Atom Shell – Software Framework
Flask – Python web application framework
Go/Golang
GraphQL
HTML
Java
Javascript
JMESPath
JQL, see Jira
JSON
JSON Web Token (JWT)
Kotlin
Large Language Models (LLMs)
Markdown
Node.js
.NET (C#, ASP.NET)
Object-Graph Navigation Language (OGNL)
Perl
PHP
Portable Document Format (PDF)
Powershell
Python
React & JSX
Regular Expressions (Regex)
Ruby
Security Assertion Markup Language (SAML)

Operating Systems (OS)

Unix

Windows

Windows
Windows Subsystem for Linux (WSL)
For Users & Groups, see Users & Groups & Active Directory (AD)

Hypervisors

For VirtualBox and Proxmox, see Kali Linux. For classification (native/bare-metal vs hosted hypervisors), see Hypervisor (Wikipedia).

Web Servers

Ports & Protocols

Port(s)		Protocol / Service
21	TCP	FTP
22	TCP	Secure Shell (SSH)
23	TCP	Telnet \| Telnet 3270 / tn3270
25	TCP	Simple Mail Transfer Protocol (SMTP)
53	TCP	Domain Name System (DNS)
80/443	TCP	Web Applications & APIs (HTTP / HTTPS) XML Configuration Access Protocol (XCAP), over HTTP
88	TCP	Kerberos
110/995	TCP	Post Office Protocol (POP/POP3/POP3S)
11	TCP	Network File System (NFS)
135/593	TCP	Microsoft Remote Procedure Call (MSRPC)
139/445	TCP	Samba / SMB
143/993	TCP	Internet Message Access Protocol (IMAP/IMAPS)
161	UDP	Simple Network Management Protocol (SNMP)
389	TCP	Active Directory (AD) / Lightweight Directory Access Protocol (LDAP)
464	TCP	kpasswd
512	TCP	rexec
631	TCP	Internet Printing Protocol (IPP)
1433	TCP	Microsoft SQL Server (MSSQL)
1521	TCP	Oracle Database
2401	TCP	Concurrent Versions System (CVS)
3306	TCP	MySQL
3389	TCP	Remote Desktop Protocol (RDP)
3690	TCP	Subversion (SVN)
3872/1158/1159	TCP	Oracle Enterprise Manager (OEM)
5000	TCP	Sybase ASE
5432	TCP	PostgreSQL
5800/5900	TCP	Virtual Network Computing (VNC)
5060	TCP	Session Initiating Protocol (SIP)
5984	TCP	Apache CouchDB
5985/5986	TCP	Windows Remote Management (WinRM)
6379	TCP	Redis
7878/7879	TCP	Oracle Weblogic
9043	TCP	IBM WebSphere
10000	TCP	Webmin
27017	TCP	MongoDB
50000	TCP	IBM DB2
50001	UDP	AnyDesk
Data Link OSI Layer 2		Cisco Discovery Protocol (CDP)
		Inter-process communication (IPC)

Security Controls

Security Control	Bypass
Antivirus & EDR: Antivirus CrowdStrike Microsoft SmartScreen	Bypass Antivirus & Endpoint Detection and Response (EDR)
Captcha
Citrix
Firewalls: Firewalla
Keycloak
Mark of the Web (MOTW)
Password Managers: Enpass, KeePass, 1Password \| AD Self-Service: PassCore, PWM (GitHub)
Pretty Good Privacy (PGP)
SIEM: Splunk
Subresource Integrity (SRI)
VPNs: Cisco AnyConnect VPN
Web Filtering	Bypass Web Filtering
Web Application Firewalls: Amazon Web Services WAF Cloudflare	WAF Bypass
Windows Defender

Tools

For more tools, see Bug Bounty Forum, Kali Linux Tools Listing, and Offsec Tools.

AADInternals
airbase-ng
aircrack-ng
airdecap-ng
aireplay-ng
airmon-ng
airodump-ng
Anbox
Android Debug Bridge (adb)
Atomic Red Team
Audacity
Autopsy
Bandit
Binwalk
besside-ng
BloodHound
Browser Exploitation Framework (BeEF)
Burp Suite
Canvas
Certipy
CeWL
CloudBrute
CloudFail
CMSmap
cntlm
Coercer
Commix
Core Impact
Covenant
Crackmapexec
Crowbar
Crunch
Cuckoo Sandbox
Cupp
curl
CutyCapt
Decoder / Converter / Generator / Decryption Tools
Dastardly
Dirb
Dirbuster
Discover Scripts
Dmitry – Deep Magic Information Gathering
Docker
Dradis
Enum4Linux
Ettercap
Evans debugger (EDB)
Exiftool
FCrackZIP
Fern Wifi Cracker
ffdec
FFmpeg
Fierce
fuzzdb
gcc / g++
ghidra
Github / Git Client / Gitbook
Gitleaks
Gitrob
GNU Debugger (GDB)
Gobuster
Google Hacking Database (GHDB)
hash-identifier
Hashcat
HTTPrint
HTTrack
Hydra
Immunity Debugger
Impacket
IOXIDResolver
iptables
John the Ripper (JtR)
lbd
LDAP Nom Nom
ldapsearch
LibreOffice
Low Orbit Ion Cannon
Maltego
Manspider
Masscan
Metagoofil
Metasploit
Meterpreter
Microsoft Visio
Mimikatz
Mingw-w64
Mobile-Security-Framework (MobSF)
Msfvenom
Name-That-Hash
Ncat
Ncrack
Nessus ($$$)
Netcat
ngrok
Nikto
Nmap
Nuclei
OpenSSH
OpenVAS
OpenVPN
OWASP ZAP
Pacu
PDFCrack
ping & hping3
PowerShell Empire
PowerUp
PowerView
ProxyChains
Prowler
psudohash
Putty
PwnDoc
radare2
Recon-ng
Remote Desktop Caching
Responder
rexec
rpcclient
Rubeus
SAINT
Scapy
SearchSploit
Selenium
Shellter
SIPVicious
Sliver
smbclient
Socat
Social Engineering Toolkit (SET)
Sonarqube
SPARTA
SQLmap
SQLninja
SQuirreL
SSLscan
SSLstrip
Steghide
sublist3r
Sysinternals (AccessChk | Process Monitor | Sigcheck | TCPView)
Tcpdump
Telnet
Tenable Network Security – Security Center
TheHarvester
TOR Browser
Tplmap
traceroute (command)
Transmission
Trufflehog
Tsunami
Twofi
vi
Vinetto
VisualCodeGrepper
Visual Studio
Volatility
wafw00f
WhatWeb
Wifi Pineapple
Wifite
Wine
Wireshark
WPScan, see WordPress

Table of Contents