Awesome-Mirrors/cyber-security-resources
1
0
Fork 0
mirror of https://github.com/The-Art-of-Hacking/h4cker.git synced 2024-06-30 00:11:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

adding SANS cheat sheets

Browse Source
This commit is contained in:
Omar Santos 2018-02-13 15:46:20 -05:00
parent 417693aeac
commit 6fc1f7ba79
10 changed files with 72583 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27740
cheat_sheets/Attack-Surfaces-Tools-and-Techniques.pdf Normal file
View File

File diff suppressed because one or more lines are too long

44527
cheat_sheets/commandlinekungfu.pdf Normal file
View File

File diff suppressed because one or more lines are too long

BIN
cheat_sheets/linux-cheat-sheet.pdf Normal file
View File

Binary file not shown.

BIN
cheat_sheets/misc-tools-sheet.pdf Normal file
View File

Binary file not shown.

BIN
cheat_sheets/netcat-cheat-sheet.pdf Normal file
View File

Binary file not shown.

BIN
cheat_sheets/poster.pdf Normal file
View File

Binary file not shown.

146
cheat_sheets/rules-of-engagement-worksheet.rtf Normal file
View File

@ -0,0 +1,146 @@
{\rtf1\ansi\ansicpg1252\uc1 \deff0\deflang1033\deflangfe1033{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f28\froman\fcharset238\fprq2 Times New Roman CE;}{\f29\froman\fcharset204\fprq2 Times New Roman Cyr;}
{\f31\froman\fcharset161\fprq2 Times New Roman Greek;}{\f32\froman\fcharset162\fprq2 Times New Roman Tur;}{\f33\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f34\froman\fcharset178\fprq2 Times New Roman (Arabic);}
{\f35\froman\fcharset186\fprq2 Times New Roman Baltic;}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;
\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{
\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \snext0 Normal;}{\*\cs10 \additive Default Paragraph Font;}{\s15\ql \li0\ri0\widctlpar
\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \sbasedon0 \snext15 header;}{\*\cs16 \additive \sbasedon10 page number;}}{\info{\author tom}{\operator tom}
{\creatim\yr2009\mo8\dy24\hr14\min23}{\revtim\yr2009\mo8\dy24\hr15\min17}{\version12}{\edmins53}{\nofpages3}{\nofwords490}{\nofchars2793}{\nofcharsws3430}{\vern8243}}
\widowctrl\ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\formshade\horzdoc\dgmargin\dghspace180\dgvspace180\dghorigin1800\dgvorigin1440\dghshow1\dgvshow1
\jexpand\viewkind1\viewscale114\viewzk2\pgbrdrhead\pgbrdrfoot\splytwnine\ftnlytwnine\htmautsp\nolnhtadjtbl\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule \fet0\sectd \linex0\endnhere\sectlinegrid360\sectdefaultcl {\header \pard\plain
\s15\ql \li0\ri0\widctlpar\tqc\tx4320\tqr\tx8640\pvpara\phmrg\posxr\posy0\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {\field{\*\fldinst {\cs16 PAGE }}{\fldrslt {
\cs16\lang1024\langfe1024\noproof 3}}}{\cs16
\par }\pard \s15\ql \li0\ri360\widctlpar\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin360\lin0\itap0 {
\par }}{\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang{\pntxta )}}
{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl8
\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}\pard\plain \qc \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0
\fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {Rules of Engagement Worksheet:
\par }\pard \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 {
\par Penetration Testing Team Contact Information:
\par
\par Primary Contact: ____________________________________________
\par
\par Mobile Phone: ____________________________________________
\par
\par Pager: \tab ____________________________________________
\par
\par Secondary Contact: _______________________________________________
\par
\par Mobile Phone: ________________________________________________
\par
\par Pager: ________________________________________________
\par
\par Target Organization Contact Information:
\par
\par Primary Contact: ____________________________________________
\par
\par Mobile Phone: ____________________________________________
\par
\par Pager: \tab ____________________________________________
\par
\par Secondary Contact: _______________________________________________
\par
\par Mobile Phone: ________________________________________________
\par
\par Pager: ________________________________________________
\par
\par
\par "Daily Debriefing" Frequency: _____________________________________________
\par
\par "Daily Debriefing" Time/Location: __________________________________________
\par
\par
\par Start Date of Penetration Test: ______________________________________________
\par
\par End Date of Penetration Test: ______________________________________________
\par
\par Testing Occurs at Following Times: __________________________________________
\par
\par Will test be announced to target personnel: ____________________________________
\par
\par Will target organization shun IP addresses of attack systems: _____________________
\par
\par Does target organization's network have automatic shunning capabilities that might disrupt access in unforeseen ways (i.e. create a denial-of-service condition), and if so, what steps will be taken to mitigate the risk:
\par
\par ____________________________________________________________________
\par
\par ____________________________________________________________________
\par
\par
\par Would the shunning of attack systems conclude the test: _______________________
\par
\par If not, what steps will be taken to continue if systems get shunned and what approval (if any) will be required:
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par IP addresses of penetration testing team's attack systems:
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par Is this a "black box" test: __________________________________________________
\par
\par What is the policy regarding viewing data (including potentially sensitive/confidential data) on compromised hosts:
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par
\par Will target personnel observe the testing team: _________________________________
\par
\par
\par \page
\par
\par ______________________________________________________________
\par Signature of Primary Contact representing Target Organization
\par
\par ____________________________
\par Date
\par
\par
\par
\par ______________________________________________________________
\par Signature of Head of Penetration Testing Team
\par
\par ____________________________
\par Date
\par
\par
\par If necessary, signatures of individual testers:
\par
\par ______________________________________________________________
\par Signature
\par
\par ____________________________
\par Date
\par
\par
\par ______________________________________________________________
\par Signature
\par
\par ____________________________
\par Date
\par
\par
\par ______________________________________________________________
\par Signature
\par
\par ____________________________
\par Date
\par
\par
\par ______________________________________________________________
\par Signature
\par
\par ____________________________
\par Date
\par }}

170
cheat_sheets/scope-worksheet.rtf Normal file
View File

@ -0,0 +1,170 @@
{\rtf1\ansi\ansicpg1252\uc1 \deff0\deflang1033\deflangfe1033{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f163\froman\fcharset238\fprq2 Times New Roman CE;}{\f164\froman\fcharset204\fprq2 Times New Roman Cyr;}
{\f166\froman\fcharset161\fprq2 Times New Roman Greek;}{\f167\froman\fcharset162\fprq2 Times New Roman Tur;}{\f168\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f169\froman\fcharset178\fprq2 Times New Roman (Arabic);}
{\f170\froman\fcharset186\fprq2 Times New Roman Baltic;}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;
\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{
\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \snext0 Normal;}{\*\cs10 \additive Default Paragraph Font;}{\s15\ql \li0\ri0\widctlpar
\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \sbasedon0 \snext15 header;}{\*\cs16 \additive \sbasedon10 page number;}}{\*\listtable{\list\listtemplateid875213430
\listsimple{\listlevel\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat0\levelspace0\levelindent0{\leveltext\'01*;}{\levelnumbers;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 }{\listname ;}\listid-2}}{\*\listoverridetable
{\listoverride\listid-2\listoverridecount1{\lfolevel\listoverrideformat{\listlevel\levelnfc23\levelnfcn23\leveljc0\leveljcn0\levelfollow0\levelstartat0\levelold\levelspace0\levelindent0{\leveltext\'01\'96;}{\levelnumbers;}\f0\fs56\chbrdr\brdrnone\brdrcf1
\chshdng0\chcfpat1\chcbpat1\fbias0 }}\ls1}{\listoverride\listid-2\listoverridecount1{\lfolevel\listoverrideformat{\listlevel\levelnfc23\levelnfcn23\leveljc0\leveljcn0\levelfollow0\levelstartat0\levelold\levelspace0\levelindent0{\leveltext
\'01\'95;}{\levelnumbers;}\f0\fs40\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1\fbias0 }}\ls2}}{\info{\title Scope Worksheet:}{\author tom}{\operator tom}{\creatim\yr2009\mo8\dy24\hr14\min24}{\revtim\yr2009\mo8\dy24\hr15\min55}{\version9}
{\edmins30}{\nofpages4}{\nofwords747}{\nofchars4261}{\nofcharsws5232}{\vern8243}}\widowctrl\ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\hyphcaps0\formshade\horzdoc\dgmargin\dghspace180\dgvspace180\dghorigin1800\dgvorigin1440
\dghshow1\dgvshow1\jexpand\viewkind1\viewscale114\viewzk2\pgbrdrhead\pgbrdrfoot\splytwnine\ftnlytwnine\htmautsp\nolnhtadjtbl\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule \fet0\sectd \linex0\endnhere\sectlinegrid360\sectdefaultcl {\header
\pard\plain \s15\ql \li0\ri0\widctlpar\tqc\tx4320\tqr\tx8640\pvpara\phmrg\posxr\posy0\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {\field{\*\fldinst {\cs16 PAGE }}{\fldrslt {
\cs16\lang1024\langfe1024\noproof 4}}}{\cs16
\par }\pard \s15\ql \li0\ri360\widctlpar\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin360\lin0\itap0 {
\par }}{\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang{\pntxta )}}
{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl8
\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}\pard\plain \qc \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0
\fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {Scope Worksheet:
\par }\pard \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 {
\par What are the target organization's biggest security concerns:
\par (Examples include disclosure of sensitive information, interruption of production processing, embarrassment due to website defacement, etc.)
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par
\par What specific hosts, network address ranges, or applications should be tested:
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par \page What specific hosts, network address ranges, or applications should explicitly }{\ul NOT}{ be tested:
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par
\par List any third parties that own systems or networks that are in scope as well as which systems they own (written permission must have been obtained in advance by the target organization):
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par _______________________________________________________________________
\par \page Will the test be performed against a live production environment or a test environment:
\par
\par ______________________________________________________________________
\par
\par
\par Will the penetration test include the following testing techniques:
\par
\par }{\cf1 Ping sweep of network ranges}{\cf1 : ____________________________________________
\par }{\cf1
\par Port scan of target hosts}{\cf1 : _________________________________________________
\par }{\cf1
\par Vulnerability scan of targets}{\cf1 : ______________________________________________
\par }{\cf1
\par }{\cf1 Penetration}{\cf1 into targets}{\cf1 : __________________________________________________}{\cf1
\par }{\cf1
\par }{\cf1 Application-level manipulation}{\cf1 : ____________________________________________
\par }{\cf1
\par Client-side Java/ActiveX reverse engineering}{\cf1 : _________________________________
\par }{\cf1
\par Physical penetration attempts}{\cf1 : ______________________________________________
\par }{\cf1
\par Social engineering of people}{\cf1 : _______________________________________________
\par
\par Other: _________________________________________________________________
\par
\par _______________________________________________________________________
\par
\par
\par Will penetration test include internal network testing: ____________________________
\par
\par If so, how will access be obtained: ___________________________________________
\par
\par ________________________________________________________________________
\par
\par
\par Are client/end-user systems included in scope: _________________________________
\par
\par If so, how may clients be leveraged: __________________________________________
\par
\par ________________________________________________________________________
\par
\par Is social engineering allowed: _______________________________________________
\par
\par If so, how may it be used: __________________________________________________
\par
\par ________________________________________________________________________
\par
\par Are Denial of Service attacks allowed: _____________________________________
\par
\par Are Dangerous checks/exploits allowed: ____________________________________
\par
\par
\par
\par }{______________________________________________________________
\par Signature of Primary Contact representing Target Organization
\par
\par ____________________________
\par Date
\par
\par
\par
\par ______________________________________________________________
\par Signature of Head of Penetration Testing Team
\par
\par ____________________________
\par Date
\par }}

BIN
cheat_sheets/windows-cheat-sheet.pdf Normal file
View File

Binary file not shown.

BIN
cheat_sheets/windows-command-line-sheet.pdf Normal file
View File

Binary file not shown.