
General Command Syntax

Instead of spending time on figuring out what arguments to use in a command each time you use it, you can look at your terminal history for what you previously used.

However, with many different commands and terminals this can become quite difficult and time consuming.


\\\\====== Presenting the Command Syntax List ======////


Below you can find all available commands. Either select one from the ToC list or use Ctrl+F to look for it. Below the ToC there is a list of separate cheat sheets for some more complex commands.

In the commands you will find variables enclosed by <variable>. This simply means it needs to be replaced by your own value (e.g., <ip> becomes 10.10.101.81).

Subjects


Separate command sheets

Some tools are so vast, they have many commands. Too many to include in this document whilst keeping it nice and organized. That is why I created a separate document specifically for such programs.

| 🔰 Name |
| -- |
| ⭐ Metasploit Framework |
| ⭐ PowerShell |


Aircrack-ng

Aircrack-ng is a complete suite of tools to assess WiFi network security. More info here.

Crack WiFi passwords from a network capture file (must include EAPOL handshake).

aircrack-ng -w <wordlist> <capture_file>
aircrack-ng -w /usr/share/wordlists/rockyou.txt capture.pcap

Capa

Capa is the FLARE team's free and open-source tool to identify capabilities in executable files.

Analyse a bin file.

capa.exe .\cryptbot.bin

Log more detailed information.

capa -vv .\cryptbot.bin

Log more detailed information and direct the result to a .json file.

capa.exe -j -vv .\cryptbot.bin > cryptbot_vv.json

Enum4Linux

Enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts.

More info here.

Neo-ReGeorg

Neo-reGeorg is an HTTP tunneling and pivoting tool. It creates a tunnel over the HTTP(S) protocol, encapsulating other protocols and sending them back and forth inside HTTP traffic. The tunnel serves as a communication channel to pivot into the internal network and communicate with local network devices over HTTP. It is used for proxying HTTP traffic when you encounter servers that do not allow internet access.

Generate a Neo-ReGeorg key

python3 neoreg.py generate -k <password> 

Connect to the tunnel (must be uploaded to the machine).

python3 neoreg.py -k thm -u http://10.10.230.138/uploader/files/tunnel.php

Connect to a machine behind the webserver through the tunnel using curl, proxychains, FoxyProxy, Firefox, etc.

curl --socks5 127.0.0.1:1080 <address of machine / file>
curl --socks5 127.0.0.1:1080 http://172.20.0.120:80/flag

More info here.

oledump.py

Oledump.py is a Python tool that analyzes OLE2 files, commonly called Structured Storage or Compound File Binary Format. OLE stands for Object Linking and Embedding, a proprietary technology developed by Microsoft.

Analyse a file and investigate the 4th datastream. Then decompress any VBA code.

oledump.py agenttesla.xlsm -s 4 --vbadecompress

Firefox

Configure a manual proxy in the network settings and use the IP and port listed in the Neo-reGeorg CLI output as the SOCKS host.

Smbclient

Smbclient is a client that can 'talk' to an SMB/CIFS server and is part of the Samba suite.

'Exploit' misconfiguration of the anonymous login ability.

smbclient //<ip>/<share> -U Anonymous -p <port>

RsaCTFtool

RSA attack tool (mainly for CTF) - retrieve private key from weak public key and/or uncipher data

This tool is a utility designed to decrypt data from weak public keys and attempt to recover the corresponding private key. It also offers a comprehensive range of attack options, enabling users to apply various strategies to crack the encryption.

More info and commands can be found here.

Rsatool

Rsatool can be used to calculate RSA and RSA-CRT parameters.

Can be installed from here: 🔗 https://github.com/ius/rsatool

Create the PEM and output it to key.pem by supplying modulus and private exponent.

python rsatool.py -f PEM -o key.pem -n 13826123222358393307 -d 9793706120266356337

Create the DER and output it to key.der by supplying two primes.

python rsatool.py -f DER -o key.der -p 4184799299 -q 3303891593
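
The arithmetic behind the two rsatool invocations above, as an added Python example (not rsatool's own code): it derives the RSA-CRT parameters from p and q, and recovers p and q from n and d. It assumes the public exponent e = 65537, which the page does not state; the function names are illustrative.

```python
from math import gcd

# Values from the rsatool commands above; E is an assumption (not given on the page).
N = 13826123222358393307
D = 9793706120266356337
P, Q = 4184799299, 3303891593
E = 65537

def crt_params(p, q, e):
    """Derive d and the RSA-CRT values (dP, dQ, qInv) from the two primes."""
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent
    return {"n": p * q, "d": d, "dp": d % (p - 1),
            "dq": d % (q - 1), "qinv": pow(q, -1, p)}

def factor_from_d(n, e, d):
    """Recover (p, q) from n and a matching key pair (e, d)."""
    r, t = e * d - 1, 0                 # e*d - 1 is a multiple of lambda(n)
    while r % 2 == 0:
        r, t = r // 2, t + 1
    for g in range(2, 1000):            # deterministic bases; about half succeed
        y = pow(g, r, n)
        if y in (1, n - 1):
            continue
        for _ in range(t):
            x = pow(y, 2, n)
            if x == 1:                  # y is a non-trivial square root of 1
                p = gcd(y - 1, n)
                return tuple(sorted((p, n // p)))
            if x == n - 1:
                break
            y = x
    raise ValueError("d does not match (n, e)")

def crt_decrypt(c, p, q, k):
    """Decrypt with two half-size exponentiations (Garner's recombination)."""
    m1, m2 = pow(c, k["dp"], p), pow(c, k["dq"], q)
    h = (k["qinv"] * (m1 - m2)) % p
    return m2 + h * q

if __name__ == "__main__":
    k = crt_params(P, Q, E)
    print(k)                            # parameters a PEM/DER private key stores
    print(factor_from_d(N, E, D))       # primes recovered from n and d
    print(crt_decrypt(pow(42, E, N), P, Q, k))
```

A 64-bit modulus like this one is a toy size; the same arithmetic applies unchanged to real key lengths.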