I wanted to put together a blog post based off a Twitter thread I made this past week. I saw a tweet from @_jayprimo about wishing he had some cheat sheets when initially learning some cyber tools. So, I put together information for new folks who want to learn about some of the most used cyber/hacking tools. Below I have video tutorials from free labs and command cheat sheets.

NMAP

NMAP is used for discovering hosts/services on a network. It’s normally used as the first step in enumeration by pen testers. TryHackMe has a free lab, and below my walkthrough video of the room (link to the original room is in the video description).



Below is a handy command cheat sheet that I use almost every time I have to use NMAP!

nmap cheat sheet
  • Facebook
  • Twitter
  • LinkedIn

NETCAT

Netcat is used to transfer files/make remote backdoor connections. It is also used in conjunction with other pentesting tools like metasploit (which we’ll also be discussing further below). Netcat is a tool that is used in a bunch of free TryHackMe. The below walkthrough is one room that leverages it as part of a payload of a malicious batch file that works in conjunction with a Windows privilege escalation attack.



Below is a handy command cheat sheet from SANS that covers Netcat commands!

Netcat cheat sheet
  • Facebook
  • Twitter
  • LinkedIn
Image
  • Facebook
  • Twitter
  • LinkedIn

METASPLOIT

Metasploit is a modular tool that allows you to enumerate and exploit vulnerabilities. It has a very easy format to learn the basics. Again, TryHackMe has plenty of free rooms, and I got you with another walkthrough video!



Below is a handy Metasploit command cheat sheet from by @hacklido.

metasploit cheat sheet
  • Facebook
  • Twitter
  • LinkedIn

WIRESHARK

We’ve talked a few times before about Wireshark. But for those who don’t know, it allows you to capture data packets and analyze the headers and data in them. It’s very useful for cyber AND IT troubleshooting (network/system engineers use it a lot!). You know the deal already…free TryHackMe rooms…and a few of my Wireshark walkthrough vids.



Here is a great command cheat sheet, again, I use this one a lot too!

wireshark cheat sheet
  • Facebook
  • Twitter
  • LinkedIn

HYDRA

Hydra is a basic tool used for brute forcing passwords with a word list. You know what I’m about to say, so I’ll just drop the link ­čśé



Had a hard time finding a command cheat sheet, but the help page in the tool works perfectly fine!

hydra cheat sheet
  • Facebook
  • Twitter
  • LinkedIn
Image
  • Facebook
  • Twitter
  • LinkedIn

Network Knowledge Wrap Up

These tools above are all free and you can use them in test virtual labs like in the videos above. You can also download and use them in a home lab if you want to (use them only on systems you have permission to). If you want to get them all at one time, you can download Kali Linux.