Feed on
Posts
Comments

On my desk is a folder containing all sort of cheat sheets relating to security, operating systems, and various web applications. Many a times, these quick references have helped me remember particular options and information that are all too easily forgotten. These guides are also very useful in any training program, helping remind students of the essential information. So when Jim Clausing, from SANS Internet Storm Center (ISC), posted, “New and updated cheat sheets,” an idea hit me: now would be the perfect time to pull together and share this material. Jeremy Stretch at PacketLife is in the process of updating, to quote Jim, “some of his excellent networking cheat sheets (I mentioned his 802.1x one here).” Jeremy has posted such first-rate cheat sheets as:

BGP EIGRP First Hop Redundancy
IEEE 802.11 WLAN IEEE 802.1X IPsec
IPv4 Multicast IPv6 IS-IS
OSPF PPP Spanning Tree
Wireshark Display Filters Common Ports IOS IPv4 Access Lists
IPv4 Subnetting Markdown MediaWiki
Frame Mode MPLS Quality of Service VLANs
Cisco IOS Versions Physical Terminations IOS Interior Routing Protocols
tcpdump

For help with forensics, Jim points out, “SANS instructor, Rob Lee points us to a couple of new cheat sheets for doing forensics on USB keys under XP or Vista/Win7.” There is also the Memory Analysis Cheat Sheet for Microsoft Windows XP SP2 by Pär Österberg and Andreas Schuster. If you have a SANS Portal Account, you can access the SANS Forensic Analysis Cheat Sheet.

The below table provides links to other security cheat sheets I have found very beneficial. Some are better described as condensed references, verses short 1-2 page cheat sheets. That is noted below.

Title Source Description
SQL Injection Cheat Sheet Michael Daw Reference
Linux Security Quick Reference Guide LinuxSecurity PDF
SQL Injection Cheat Sheet Ferruh Mavituna Reference
Security Architecture Cheat Sheet OWASP Reference
SQL Injection Prevention Cheat Sheet OWASP Reference
Transport Layer Protection Cheat Sheet OWASP Reference
XSS (Cross Site Scripting) Prevention Cheat Sheet OWASP Reference
SQL Injection Cheat Sheet RSnake Reference
XSS (Cross Site Scripting) Cheat Sheet RSnake Reference
Forensic Analysis Cheat Sheet SANS PDF
Google Hacking and Defense Cheat Sheet SANS PDF
IEEE 802.11 SANS PDF
IPv6 TCP/IP and tcpdump SANS PDF
Linux Intrusion Discovery Cheat Sheet SANS PDF
Misc Tools Cheat Sheet SANS PDF
Netcat Cheat Sheet SANS PDF
TCP/IP and tcpdump SANS PDF
Windows Command Line Cheat Sheet SANS PDF
Windows Intrusion Discovery Cheat Sheet SANS PDF
NMAP and Nessus SecGuru PDF
Hping3 José A. Guasch PDF
NMAP5 Alejandro Ramos PDF
Web Application SecGuru PDF
Netcat Cheat Sheet Ed Skoudis PDF
Useful Attack Tools Ed Skoudis PDF
Windows commandline tools Ed Skoudis PDF
Analyzing Malicious Documents Cheat Sheet Lenny Zeltser Reference
Critical Log Review Checklist for Security Incidents Dr. Anton Chuvakin and Lenny Zeltser PDF
Information Security Assessment RFP Cheat Sheet Lenny Zeltser PDF
Initial Security Incident Questionnaire for Responders Lenny Zeltser PDF
Network DDoS Incident Response Cheat Sheet Lenny Zeltser PDF
Reverse-Engineering Malware Cheat Sheet Lenny Zeltser PDF
Security Architecture Cheat Sheet for Internet Applications Lenny Zeltser PDF
Security Incident Survey Cheat Sheet for Server Administrators Lenny Zeltser PDF
Troubleshooting Human Communications Lenny Zeltser PDF
ASP.NET Security Architecture Alik Levin Reference

Since security does not exist in a vacuum, Raj helps us out with his post, “145 Useful cheat sheets for some of the most widely used tools on the web.” To quote Raj, the post provides “145 quick cheat sheets for some of the most widely used tools on the web.” Dave Child has also posted several valuable cheat sheets for commonly used Internet and development tools (Python, Subversion, Regular Expressions, mod_rewrite, PHP, MySQL, Javascript, Ruby on Rails).

Hilde Torbjornsen has also posted “Mega Collection Of Cheatsheets for Designers & Developers” where she list more than one hundred cheat sheets and reference cards for the following topics:

Browsers & OS HTML Softwares
CMS Javascript Others/Miscellaneous
Color/Fonts/SEO MySQL
CSS PHP

To assist on the operating side, Scott Klar posted “Linux-Unix cheat sheets – The ultimate collection.” The post provides a links to approximately 70 cheat sheets for Linux users. Scott has also posted, “Windows cheat sheets compilation“, “Networking cheat sheets“, and links in various other areas (C, CPP, C#; Gimp; Designer color; Vi & vim; Emacs; Photoshop; Apache; Perl; Python; Ruby and Ruby on Rails; Regular Expressions; MySQL; XML-XSLT-RSS; PHP; CSS; Javascript/Ajax; HTML and Xhtml).

Finally, there is always the Cheat-Sheets, DevCheatSheet (over 1,500 so far) , and TechTarget sites. These two sites offer very large number of links to various cheat sheets on all sorts of topics. If you know of any other good cheat sheets relating to security, please let me know.

22 Responses to “What’s in Your Folder: Security Cheat Sheets”

  1. Owen says:

    I have some of these printed, they’re invaluable when you don’t feel like sifting through man pages.. Also got a few on my wall.

  2. Faisal Asif says:

    Thanks John! that’s a lovely share!.. :)

  3. Hi,
    Thanks you! very nice and appreciated.
    You do have one bad link on THIS Cheat Sheet page: “Subnetting”
    Points to empty link:
    http://packetlife.net/static/cheatsheets/subnetting.pdf

    Thanks again.

  4. K Hollund says:

    Hey. Not too happy about people using images off my site (even if it links). Please host yourself and put the link crediting it instead.

Trackbacks/Pingbacks

  1. [...] More here:  System Advancements at the Monastery » Blog Archive » What's in … [...]

  2. [...] is a huge list of cheat sheets you will find useful. System Advancements at the Monastery >> Blog Archive >> What’s in Your Folder: Sec… Tags: ( cheatsheet [...]

  3. [...] System Advancements at the Monastery » Blog Archive » What’s in Your Folder: Secur… On my desk is a folder containing all sort of cheat sheets relating to security, operating systems, and various web applications. Many a times, these quick references have helped me remember particular options and information that are all too easily forgotten. These guides are also very useful in any training program, helping remind students of the essential information. So when Jim Clausing, from SANS Internet Storm Center (ISC), posted, “New and updated cheat sheets,” an idea hit me: now would be the perfect time to pull together and share this material. Jeremy Stretch at PacketLife is in the process of updating, to quote Jim, “some of his excellent networking cheat sheets (I mentioned his 802.1x one here).” Jeremy has posted such first-rate cheat sheets as: [...]

  4. [...] Cheat sheets on all sorts of topics related to computer networks, security, and even how to communicate better. [...]

  5. [...] What’s in Your Folder: Security Cheat Sheets – Security Monks [...]

  6. [...] System Advancements at the Monastery » Blog Archive » What’s in Your Folder: Security Cheat Shee… blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets – view page – cached Information about developments at the Monastery — From the page [...]

  7. [...] Security Cheat Sheets. Categories: Security Posted By: jmiles Last Edit: 31 Aug 2009 @ 07 58 AM Email • Permalink Previous  Responses to this post » (None)  Post a Comment Click here to cancel reply. [...]

  8. [...] 2 – Security Cheat Sheets and other great links at The Monastery [...]

  9. [...] What’s in Your Folder: Security Cheat Sheets – securitymonks.com These guides are also very useful in any training program, helping remind students of the essential information. [...]

  10. [...] http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/ Categories: Cheat Sheet, Security Comments (0) Trackbacks (0) Leave a comment Trackback [...]

Leave a Reply

Bad Behavior has blocked 412 access attempts in the last 7 days.