I wanted to put together a blog post based off a Twitter thread I made this past week. I saw a tweet from @_jayprimo about wishing he had some cheat sheets when initially learning some cyber tools. So, I put together information for new folks who want to learn about some of the most used cyber/hacking tools. Below I have video tutorials from free labs and command cheat sheets.
NMAP is used for discovering hosts/services on a network. It’s normally used as the first step in enumeration by pen testers. TryHackMe has a free lab, and below my walkthrough video of the room (link to the original room is in the video description).
Below is a handy command cheat sheet that I use almost every time I have to use NMAP!
Netcat is used to transfer files/make remote backdoor connections. It is also used in conjunction with other pentesting tools like metasploit (which we’ll also be discussing further below). Netcat is a tool that is used in a bunch of free TryHackMe. The below walkthrough is one room that leverages it as part of a payload of a malicious batch file that works in conjunction with a Windows privilege escalation attack.
Below is a handy command cheat sheet from SANS that covers Netcat commands!
Metasploit is a modular tool that allows you to enumerate and exploit vulnerabilities. It has a very easy format to learn the basics. Again, TryHackMe has plenty of free rooms, and I got you with another walkthrough video!
Below is a handy Metasploit command cheat sheet from by @hacklido.
We’ve talked a few times before about Wireshark. But for those who don’t know, it allows you to capture data packets and analyze the headers and data in them. It’s very useful for cyber AND IT troubleshooting (network/system engineers use it a lot!). You know the deal already…free TryHackMe rooms…and a few of my Wireshark walkthrough vids.
Here is a great command cheat sheet, again, I use this one a lot too!
Hydra is a basic tool used for brute forcing passwords with a word list. You know what I’m about to say, so I’ll just drop the link ?
Had a hard time finding a command cheat sheet, but the help page in the tool works perfectly fine!
Network Knowledge Wrap Up
These tools above are all free and you can use them in test virtual labs like in the videos above. You can also download and use them in a home lab if you want to (use them only on systems you have permission to). If you want to get them all at one time, you can download Kali Linux.