ENNAENNA
Quick Reference

Cheat Sheets

Copy-paste command references for the tools you use every day. No fluff, just the flags you need.

Nmap Cheat Sheet

6 sections · 28 commands

Essential nmap commands for network discovery, port scanning, service enumeration, and firewall evasion. Covers everything from basic host discovery to advanced NSE scripting.

Host DiscoveryScan TypesNSE Scripts

Hashcat Cheat Sheet

5 sections · 23 commands

GPU-accelerated password cracking with hashcat. Covers attack modes, hash type identifiers, rule-based mutations, mask attacks, and session management for long-running jobs.

Attack ModesCommon Hash TypesRules

SQLMap Cheat Sheet

5 sections · 22 commands

Automated SQL injection detection and exploitation with sqlmap. From basic URL testing through database enumeration, OS-level access, and WAF bypass techniques.

Basic UsageInjection TechniquesEnumeration

ffuf Cheat Sheet

5 sections · 20 commands

Fast web fuzzer for directory discovery, virtual host enumeration, and parameter brute-forcing. Covers filtering, matching, recursion, and integration with wordlists.

Directory Brute-ForcingVirtual Host DiscoveryParameter Fuzzing

Nuclei Cheat Sheet

5 sections · 20 commands

Template-based vulnerability scanner for fast, configurable security checks. Covers template selection, severity filtering, rate limiting, output formatting, and workflow orchestration.

Template SelectionSeverity FilteringRate Limiting & Performance

Subfinder Cheat Sheet

4 sections · 17 commands

Passive subdomain discovery tool that aggregates results from dozens of sources. Fast, configurable, and designed to integrate with the ProjectDiscovery toolchain.

Basic UsageSource ConfigurationOutput Options

Metasploit Cheat Sheet

5 sections · 23 commands

The Metasploit Framework for penetration testing, exploit development, and post-exploitation. Covers msfconsole navigation, payload generation, exploit usage, and post-exploitation modules.

MSFConsole BasicsPayloadsRunning Exploits

Wireshark Cheat Sheet

5 sections · 24 commands

Network protocol analyzer for deep packet inspection. Covers display filters by protocol, statistics features, stream following, and tshark CLI equivalents for automation.

TCP/IP Display FiltersApplication Protocol FiltersStatistics & Analysis

Burp Suite Cheat Sheet

5 sections · 23 commands

Web application security testing platform. Covers proxy configuration, Intruder attack types, Repeater workflows, scanner usage, and extending Burp with extensions.

Proxy SetupIntruder AttacksRepeater & Decoder

John the Ripper Cheat Sheet

5 sections · 23 commands

Versatile password cracker supporting hundreds of hash formats. Covers format detection, wordlist attacks, rule-based mutations, incremental brute-force, and session management.

Hash FormatsWordlist AttacksRules & Mangling