What’s in Your Folder: Security Cheat Sheets
Ran into this from a friend who has it on their blog. felt that everyone else could benefit from this as well.
Original Site: http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/
Aug 15th, 2009 by John Gerber
On my desk is a folder containing all sort of cheat sheets relating to security, operating systems, and various web applications. Many a times, these quick references have helped me remember particular options and information that are all too easily forgotten. These guides are also very useful in any training program, helping remind students of the essential information.
So when Jim Clausing, from SANS Internet Storm Center (ISC), posted, “New and updated cheat sheets,” an idea hit me: now would be the perfect time to pull together and share this material. Jeremy Stretch at PacketLife is in the process of updating, to quote Jim, “some of his excellent networking cheat sheets (I mentioned his 802.1x one here).” Jeremy has posted such first-rate cheat sheets as:
BGP
EIGRP
First Hop Redundancy
IEEE 802.11 WLAN
IEEE 802.1X
IPsec
IPv4 Multicast
IPv6
IS-IS
OSPF
PPP
Spanning Tree
tcpdump
Wireshark Display Filters
Common Ports
IOS IPv4 Access Lists
IPv4 Subnetting
Markdown
MediaWiki
Frame Mode MPLS
Quality of Service
VLANs
Cisco IOS Versions
Physical Terminations
For help with forensics, Jim points out, “SANS instructor, Rob Lee points us to a couple of new cheat sheets for doing forensics on USB keys under XP or Vista/Win7.” There is also the Memory Analysis Cheat Sheet for Microsoft Windows XP SP2 by Pär Österberg and Andreas Schuster. If you have a SANS Portal Account, you can access the SANS Forensic Analysis Cheat Sheet.
The below table provides links to other security cheat sheets I have found very beneficial. Some are better described as condensed references, verses short 1-2 page cheat sheets. That is noted below.
Title
Source
Description
SQL Injection Cheat Sheet
Michael Daw
Reference
Linux Security Quick Reference Guide
LinuxSecurity
PDF
SQL Injection Cheat Sheet
Ferruh Mavituna
Reference
Security Architecture Cheat Sheet
OWASP
Reference
SQL Injection Prevention Cheat Sheet
OWASP
Reference
XSS (Cross Site Scripting) Prevention Cheat Sheet
OWASP
Reference
SQL Injection Cheat Sheet
RSnake
Reference
XSS (Cross Site Scripting) Cheat Sheet
RSnake
Reference
Forensic Analysis Cheat Sheet
SANS
PDF
Google Hacking and Defense Cheat Sheet
SANS
PDF
IEEE 802.11
SANS
PDF
IPv6 TCP/IP and tcpdump
SANS
PDF
Linux Intrusion Discovery Cheat Sheet
SANS
PDF
Misc Tools Cheat Sheet
SANS
PDF
Netcat Cheat Sheet
SANS
PDF
TCP/IP and tcpdump
SANS
PDF
Windows Command Line Cheat Sheet
SANS
PDF
Windows Intrusion Discovery Cheat Sheet
SANS
PDF
NMAP and Nessus
SecGuru
PDF
Hping3
José A. Guasch
PDF
NMAP5
">Alejandro Ramos
PDF
Web Application
SecGuru
PDF
Netcat Cheat Sheet
Ed Skoudis
PDF
Useful Attack Tools
Ed Skoudis
PDF
Windows commandline tools
Ed Skoudis
PDF
Information Security Assessment RFP Cheat Sheet
Lenny Zeltser
PDF
Initial Security Incident Questionnaire for Responders
Lenny Zeltser
PDF
Network DDoS Incident Response Cheat Sheet
Lenny Zeltser
PDF
Reverse-Engineering Malware Cheat Sheet
Lenny Zeltser
PDF
Security Architecture Cheat Sheet for Internet Applications
Lenny Zeltser
PDF
Security Incident Survey Cheat Sheet for Server Administrators
Lenny Zeltser
PDF
Troubleshooting Human Communications
Lenny Zeltser
PDF
Since security does not exist in a vacuum, Raj helps us out with his post, “145 Useful cheat sheets for some of the most widely used tools on the web.” To quote Raj, the post provides “145 quick cheat sheets for some of the most widely used tools on the web.” Dave Child has also posted several valuable cheat sheets for commonly used Internet and development tools (Python, Subversion, Regular Expressions, mod_rewrite, PHP, MySQL, Javascript, Ruby on Rails).
To assist on the operating side, Scott Klar posted “Linux-Unix cheat sheets – The ultimate collection.” The post provides a links to approximately 70 cheat sheets for Linux users. Scott has also posted, “Windows cheat sheets compilation“, “Networking cheat sheets“, and links in various other areas (C, CPP, C#; Gimp; Designer color; Vi & vim; Emacs; Photoshop; Apache; Perl; Python; Ruby and Ruby on Rails; Regular Expressions; MySQL; XML-XSLT-RSS; PHP; CSS; Javascript/Ajax; HTML and Xhtml).
Finally, there is always the Cheat-Sheets and TechTarget sites. These two sites offer very large number of links to various cheat sheets on all sorts of topics. If you know of any other good cheat sheets relating to security, please let me know.
Original Site: http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/
Aug 15th, 2009 by John Gerber
On my desk is a folder containing all sort of cheat sheets relating to security, operating systems, and various web applications. Many a times, these quick references have helped me remember particular options and information that are all too easily forgotten. These guides are also very useful in any training program, helping remind students of the essential information. So when Jim Clausing, from SANS Internet Storm Center (ISC), posted, “New and updated cheat sheets,” an idea hit me: now would be the perfect time to pull together and share this material. Jeremy Stretch at PacketLife is in the process of updating, to quote Jim, “some of his excellent networking cheat sheets (I mentioned his 802.1x one here).” Jeremy has posted such first-rate cheat sheets as:
BGP
EIGRP
First Hop Redundancy
IEEE 802.11 WLAN
IEEE 802.1X
IPsec
IPv4 Multicast
IPv6
IS-IS
OSPF
PPP
Spanning Tree
tcpdump
Wireshark Display Filters
Common Ports
IOS IPv4 Access Lists
IPv4 Subnetting
Markdown
MediaWiki
Frame Mode MPLS
Quality of Service
VLANs
Cisco IOS Versions
Physical Terminations
For help with forensics, Jim points out, “SANS instructor, Rob Lee points us to a couple of new cheat sheets for doing forensics on USB keys under XP or Vista/Win7.” There is also the Memory Analysis Cheat Sheet for Microsoft Windows XP SP2 by Pär Österberg and Andreas Schuster. If you have a SANS Portal Account, you can access the SANS Forensic Analysis Cheat Sheet.
The below table provides links to other security cheat sheets I have found very beneficial. Some are better described as condensed references, verses short 1-2 page cheat sheets. That is noted below.
Title
Source
Description
SQL Injection Cheat Sheet
Michael Daw
Reference
Linux Security Quick Reference Guide
LinuxSecurity
SQL Injection Cheat Sheet
Ferruh Mavituna
Reference
Security Architecture Cheat Sheet
OWASP
Reference
SQL Injection Prevention Cheat Sheet
OWASP
Reference
XSS (Cross Site Scripting) Prevention Cheat Sheet
OWASP
Reference
SQL Injection Cheat Sheet
RSnake
Reference
XSS (Cross Site Scripting) Cheat Sheet
RSnake
Reference
Forensic Analysis Cheat Sheet
SANS
Google Hacking and Defense Cheat Sheet
SANS
IEEE 802.11
SANS
IPv6 TCP/IP and tcpdump
SANS
Linux Intrusion Discovery Cheat Sheet
SANS
Misc Tools Cheat Sheet
SANS
Netcat Cheat Sheet
SANS
TCP/IP and tcpdump
SANS
Windows Command Line Cheat Sheet
SANS
Windows Intrusion Discovery Cheat Sheet
SANS
NMAP and Nessus
SecGuru
Hping3
José A. Guasch
NMAP5
">Alejandro Ramos
Web Application
SecGuru
Netcat Cheat Sheet
Ed Skoudis
Useful Attack Tools
Ed Skoudis
Windows commandline tools
Ed Skoudis
Information Security Assessment RFP Cheat Sheet
Lenny Zeltser
Initial Security Incident Questionnaire for Responders
Lenny Zeltser
Network DDoS Incident Response Cheat Sheet
Lenny Zeltser
Reverse-Engineering Malware Cheat Sheet
Lenny Zeltser
Security Architecture Cheat Sheet for Internet Applications
Lenny Zeltser
Security Incident Survey Cheat Sheet for Server Administrators
Lenny Zeltser
Troubleshooting Human Communications
Lenny Zeltser
Since security does not exist in a vacuum, Raj helps us out with his post, “145 Useful cheat sheets for some of the most widely used tools on the web.” To quote Raj, the post provides “145 quick cheat sheets for some of the most widely used tools on the web.” Dave Child has also posted several valuable cheat sheets for commonly used Internet and development tools (Python, Subversion, Regular Expressions, mod_rewrite, PHP, MySQL, Javascript, Ruby on Rails).
To assist on the operating side, Scott Klar posted “Linux-Unix cheat sheets – The ultimate collection.” The post provides a links to approximately 70 cheat sheets for Linux users. Scott has also posted, “Windows cheat sheets compilation“, “Networking cheat sheets“, and links in various other areas (C, CPP, C#; Gimp; Designer color; Vi & vim; Emacs; Photoshop; Apache; Perl; Python; Ruby and Ruby on Rails; Regular Expressions; MySQL; XML-XSLT-RSS; PHP; CSS; Javascript/Ajax; HTML and Xhtml).
Finally, there is always the Cheat-Sheets and TechTarget sites. These two sites offer very large number of links to various cheat sheets on all sorts of topics. If you know of any other good cheat sheets relating to security, please let me know.
Comments
Post a Comment