adding SANS cheat sheets
parent
417693aeac
commit
6fc1f7ba79
27740
cheat_sheets/Attack-Surfaces-Tools-and-Techniques.pdf
Normal file
27740
cheat_sheets/Attack-Surfaces-Tools-and-Techniques.pdf
Normal file
File diff suppressed because one or more lines are too long
44527
cheat_sheets/commandlinekungfu.pdf
Normal file
44527
cheat_sheets/commandlinekungfu.pdf
Normal file
File diff suppressed because one or more lines are too long
BIN
cheat_sheets/linux-cheat-sheet.pdf
Normal file
BIN
cheat_sheets/linux-cheat-sheet.pdf
Normal file
Binary file not shown.
BIN
cheat_sheets/misc-tools-sheet.pdf
Normal file
BIN
cheat_sheets/misc-tools-sheet.pdf
Normal file
Binary file not shown.
BIN
cheat_sheets/netcat-cheat-sheet.pdf
Normal file
BIN
cheat_sheets/netcat-cheat-sheet.pdf
Normal file
Binary file not shown.
BIN
cheat_sheets/poster.pdf
Normal file
BIN
cheat_sheets/poster.pdf
Normal file
Binary file not shown.
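--- a/cheat_sheets/rules-of-engagement-worksheet.rtf
+++ b/cheat_sheets/rules-of-engagement-worksheet.rtf
@@ -0,0 +1,146 @@
+{\rtf1\ansi\ansicpg1252\uc1 \deff0\deflang1033\deflangfe1033{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f28\froman\fcharset238\fprq2 Times New Roman CE;}{\f29\froman\fcharset204\fprq2 Times New Roman Cyr;}
+{\f31\froman\fcharset161\fprq2 Times New Roman Greek;}{\f32\froman\fcharset162\fprq2 Times New Roman Tur;}{\f33\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f34\froman\fcharset178\fprq2 Times New Roman (Arabic);}
+{\f35\froman\fcharset186\fprq2 Times New Roman Baltic;}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;
+\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{
+\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \snext0 Normal;}{\*\cs10 \additive Default Paragraph Font;}{\s15\ql \li0\ri0\widctlpar
+\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \sbasedon0 \snext15 header;}{\*\cs16 \additive \sbasedon10 page number;}}{\info{\author tom}{\operator tom}
+{\creatim\yr2009\mo8\dy24\hr14\min23}{\revtim\yr2009\mo8\dy24\hr15\min17}{\version12}{\edmins53}{\nofpages3}{\nofwords490}{\nofchars2793}{\nofcharsws3430}{\vern8243}}
+\widowctrl\ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\formshade\horzdoc\dgmargin\dghspace180\dgvspace180\dghorigin1800\dgvorigin1440\dghshow1\dgvshow1
+\jexpand\viewkind1\viewscale114\viewzk2\pgbrdrhead\pgbrdrfoot\splytwnine\ftnlytwnine\htmautsp\nolnhtadjtbl\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule \fet0\sectd \linex0\endnhere\sectlinegrid360\sectdefaultcl {\header \pard\plain
+\s15\ql \li0\ri0\widctlpar\tqc\tx4320\tqr\tx8640\pvpara\phmrg\posxr\posy0\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {\field{\*\fldinst {\cs16 PAGE }}{\fldrslt {
+\cs16\lang1024\langfe1024\noproof 3}}}{\cs16
+\par }\pard \s15\ql \li0\ri360\widctlpar\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin360\lin0\itap0 {
+\par }}{\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang{\pntxta )}}
+{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl8
+\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}\pard\plain \qc \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0
+\fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {Rules of Engagement Worksheet:
+\par }\pard \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 {
+\par Penetration Testing Team Contact Information:
+\par
+\par Primary Contact: ____________________________________________
+\par
+\par Mobile Phone: ____________________________________________
+\par
+\par Pager: \tab ____________________________________________
+\par
+\par Secondary Contact: _______________________________________________
+\par
+\par Mobile Phone: ________________________________________________
+\par
+\par Pager: ________________________________________________
+\par
+\par Target Organization Contact Information:
+\par
+\par Primary Contact: ____________________________________________
+\par
+\par Mobile Phone: ____________________________________________
+\par
+\par Pager: \tab ____________________________________________
+\par
+\par Secondary Contact: _______________________________________________
+\par
+\par Mobile Phone: ________________________________________________
+\par
+\par Pager: ________________________________________________
+\par
+\par
+\par "Daily Debriefing" Frequency: _____________________________________________
+\par
+\par "Daily Debriefing" Time/Location: __________________________________________
+\par
+\par
+\par Start Date of Penetration Test: ______________________________________________
+\par
+\par End Date of Penetration Test: ______________________________________________
+\par
+\par Testing Occurs at Following Times: __________________________________________
+\par
+\par Will test be announced to target personnel: ____________________________________
+\par
+\par Will target organization shun IP addresses of attack systems: _____________________
+\par
+\par Does target organization's network have automatic shunning capabilities that might disrupt access in unforeseen ways (i.e. create a denial-of-service condition), and if so, what steps will be taken to mitigate the risk:
+\par
+\par ____________________________________________________________________
+\par
+\par ____________________________________________________________________
+\par
+\par
+\par Would the shunning of attack systems conclude the test: _______________________
+\par
+\par If not, what steps will be taken to continue if systems get shunned and what approval (if any) will be required:
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par IP addresses of penetration testing team's attack systems:
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par Is this a "black box" test: __________________________________________________
+\par
+\par What is the policy regarding viewing data (including potentially sensitive/confidential data) on compromised hosts:
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par
+\par Will target personnel observe the testing team: _________________________________
+\par
+\par
+\par \page
+\par
+\par ______________________________________________________________
+\par Signature of Primary Contact representing Target Organization
+\par
+\par ____________________________
+\par Date
+\par
+\par
+\par
+\par ______________________________________________________________
+\par Signature of Head of Penetration Testing Team
+\par
+\par ____________________________
+\par Date
+\par
+\par
+\par If necessary, signatures of individual testers:
+\par
+\par ______________________________________________________________
+\par Signature
+\par
+\par ____________________________
+\par Date
+\par
+\par
+\par ______________________________________________________________
+\par Signature
+\par
+\par ____________________________
+\par Date
+\par
+\par
+\par ______________________________________________________________
+\par Signature
+\par
+\par ____________________________
+\par Date
+\par
+\par
+\par ______________________________________________________________
+\par Signature
+\par
+\par ____________________________
+\par Date
+\par
+\par }}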
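--- a/cheat_sheets/scope-worksheet.rtf
+++ b/cheat_sheets/scope-worksheet.rtf
@@ -0,0 +1,170 @@
+{\rtf1\ansi\ansicpg1252\uc1 \deff0\deflang1033\deflangfe1033{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f163\froman\fcharset238\fprq2 Times New Roman CE;}{\f164\froman\fcharset204\fprq2 Times New Roman Cyr;}
+{\f166\froman\fcharset161\fprq2 Times New Roman Greek;}{\f167\froman\fcharset162\fprq2 Times New Roman Tur;}{\f168\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f169\froman\fcharset178\fprq2 Times New Roman (Arabic);}
+{\f170\froman\fcharset186\fprq2 Times New Roman Baltic;}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;
+\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{
+\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \snext0 Normal;}{\*\cs10 \additive Default Paragraph Font;}{\s15\ql \li0\ri0\widctlpar
+\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \sbasedon0 \snext15 header;}{\*\cs16 \additive \sbasedon10 page number;}}{\*\listtable{\list\listtemplateid875213430
+\listsimple{\listlevel\levelnfc0\levelnfcn0\leveljc0\leveljcn0\levelfollow0\levelstartat0\levelspace0\levelindent0{\leveltext\'01*;}{\levelnumbers;}\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1 }{\listname ;}\listid-2}}{\*\listoverridetable
+{\listoverride\listid-2\listoverridecount1{\lfolevel\listoverrideformat{\listlevel\levelnfc23\levelnfcn23\leveljc0\leveljcn0\levelfollow0\levelstartat0\levelold\levelspace0\levelindent0{\leveltext\'01\'96;}{\levelnumbers;}\f0\fs56\chbrdr\brdrnone\brdrcf1
+\chshdng0\chcfpat1\chcbpat1\fbias0 }}\ls1}{\listoverride\listid-2\listoverridecount1{\lfolevel\listoverrideformat{\listlevel\levelnfc23\levelnfcn23\leveljc0\leveljcn0\levelfollow0\levelstartat0\levelold\levelspace0\levelindent0{\leveltext
+\'01\'95;}{\levelnumbers;}\f0\fs40\chbrdr\brdrnone\brdrcf1 \chshdng0\chcfpat1\chcbpat1\fbias0 }}\ls2}}{\info{\title Scope Worksheet:}{\author tom}{\operator tom}{\creatim\yr2009\mo8\dy24\hr14\min24}{\revtim\yr2009\mo8\dy24\hr15\min55}{\version9}
+{\edmins30}{\nofpages4}{\nofwords747}{\nofchars4261}{\nofcharsws5232}{\vern8243}}\widowctrl\ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\hyphcaps0\formshade\horzdoc\dgmargin\dghspace180\dgvspace180\dghorigin1800\dgvorigin1440
+\dghshow1\dgvshow1\jexpand\viewkind1\viewscale114\viewzk2\pgbrdrhead\pgbrdrfoot\splytwnine\ftnlytwnine\htmautsp\nolnhtadjtbl\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule \fet0\sectd \linex0\endnhere\sectlinegrid360\sectdefaultcl {\header
+\pard\plain \s15\ql \li0\ri0\widctlpar\tqc\tx4320\tqr\tx8640\pvpara\phmrg\posxr\posy0\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {\field{\*\fldinst {\cs16 PAGE }}{\fldrslt {
+\cs16\lang1024\langfe1024\noproof 4}}}{\cs16
+\par }\pard \s15\ql \li0\ri360\widctlpar\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin360\lin0\itap0 {
+\par }}{\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang{\pntxta )}}
+{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl8
+\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}\pard\plain \qc \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0
+\fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {Scope Worksheet:
+\par }\pard \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 {
+\par What are the target organization's biggest security concerns:
+\par (Examples include disclosure of sensitive information, interruption of production processing, embarrassment due to website defacement, etc.)
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par
+\par What specific hosts, network address ranges, or applications should be tested:
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par \page What specific hosts, network address ranges, or applications should explicitly }{\ul NOT}{ be tested:
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par
+\par List any third parties that own systems or networks that are in scope as well as which systems they own (written permission must have been obtained in advance by the target organization):
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par \page Will the test be performed against a live production environment or a test environment:
+\par
+\par ______________________________________________________________________
+\par
+\par
+\par Will the penetration test include the following testing techniques:
+\par
+\par }{\cf1 Ping sweep of network ranges}{\cf1 : ____________________________________________
+\par }{\cf1
+\par Port scan of target hosts}{\cf1 : _________________________________________________
+\par }{\cf1
+\par Vulnerability scan of targets}{\cf1 : ______________________________________________
+\par }{\cf1
+\par }{\cf1 Penetration}{\cf1 into targets}{\cf1 : __________________________________________________}{\cf1
+\par }{\cf1
+\par }{\cf1 Application-level manipulation}{\cf1 : ____________________________________________
+\par }{\cf1
+\par Client-side Java/ActiveX reverse engineering}{\cf1 : _________________________________
+\par }{\cf1
+\par Physical penetration attempts}{\cf1 : ______________________________________________
+\par }{\cf1
+\par Social engineering of people}{\cf1 : _______________________________________________
+\par
+\par Other: _________________________________________________________________
+\par
+\par _______________________________________________________________________
+\par
+\par
+\par Will penetration test include internal network testing: ____________________________
+\par
+\par If so, how will access be obtained: ___________________________________________
+\par
+\par ________________________________________________________________________
+\par
+\par
+\par Are client/end-user systems included in scope: _________________________________
+\par
+\par If so, how may clients be leveraged: __________________________________________
+\par
+\par ________________________________________________________________________
+\par
+\par Is social engineering allowed: _______________________________________________
+\par
+\par If so, how may it be used: __________________________________________________
+\par
+\par ________________________________________________________________________
+\par
+\par Are Denial of Service attacks allowed: _____________________________________
+\par
+\par Are Dangerous checks/exploits allowed: ____________________________________
+\par
+\par
+\par
+\par }{______________________________________________________________
+\par Signature of Primary Contact representing Target Organization
+\par
+\par ____________________________
+\par Date
+\par
+\par
+\par
+\par ______________________________________________________________
+\par Signature of Head of Penetration Testing Team
+\par
+\par ____________________________
+\par Date
+\par }}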
BIN
cheat_sheets/windows-cheat-sheet.pdf
Normal file
BIN
cheat_sheets/windows-cheat-sheet.pdf
Normal file
Binary file not shown.
BIN
cheat_sheets/windows-command-line-sheet.pdf
Normal file
BIN
cheat_sheets/windows-command-line-sheet.pdf
Normal file
Binary file not shown.