Crafting a design system for a multiplanetary future

Most companies try to stay ahead of the curve when it comes to visual design, but for Planetaria we needed to create a brand that would still inspire us 100 years from now when humanity has spread across our entire solar system.

Foreword

Here is a list of different resources I often reference that you may find valuable.

Windows

CMD

  • netstat -naob
    • netstat -nao | findstr /c "PORT" You can search for a port faster here
    • netstat -nao | findstr /v "443" /v means everything except what we specify
    • netstat -nao | findstr /v "443 80 135 445 623" Search for everything except these ports. Spaces create another search term

  • ipconfig /all

  • whoami /all

  • arp -a

  • route print

  • systeminfo

  • tracert

  • nslookup

  • hostname

  • tasklist

  • sfc /scannow

  • icacls

  • robocopy

  • curl ifconfig.me/ip Get your public IP address. Probably works on linux too.

Reset faulty USB drive

  • Launch cmd as admin
  • diskpart
  • list disk
  • select disk #
  • clean
  • Now reformat it in diskmgmt

Powershell

  • Copy-Item
  • Move-Item
  • Invoke-WebRequest
  • Write-Output

Linux

Setup SSH Keys

SCP Commands

SFTP Commands

  • sftp username@hostname
  • get -r source_dir dest_dir

Set Time

Change Hostname

  • sudo vi /etc/hostname/ Now reboot

Linux SSH-Server

Set alias

Temporary Alias

  • alias ll="ls -alF"

Permanent Alias

  • sudo vi .bashrc
    • alias ll="ls -alF"

General Commands

  • ll -lh
  • wc
  • uniq
  • cut
  • awk
  • sed
  • ps -aux
  • htop
  • zcat LOG.* | grep SEARCH | less -FRSXc Look for something in zeek files in a neat way.
  • date -d @1669764687.779819 Turn zeek date into local system time human readable
  • jq Thank me later :)

Keyboard Shortcuts

  • Tab - Autocompletes command
  • Ctrl + C - Break out of command
  • Ctrl + L - Clear screen
  • Ctrl + A - Move to beginning of line
  • Ctrl + E - Move to end of line
  • Ctrl + U - Erase everything from cursor to beginning of line
  • Ctrl + K - Erase everything from cursor to end of line
  • Ctrl + W - Erase word preceding cursor
  • Ctrl + Y - Paste everything that you erased
  • Ctrl + P - See previous command
  • Ctrl + N - See next command
  • !! - Rerun last command
  • sudo !! - Rerun last command with sudo. For when you forgot to run the command as admin
  • Alt + F - Move cursor forward by one word
  • Alt + B - Move cursor backward by one word

VIM / VI

Input Commands

Network Troubleshooting

  • ifconfig
  • route -n
  • arp -a
IPTables
  • iptables -L List iptable rules
  • iptables -t filter -F Flush All Iptables Chains/Firewall rules
  • iptables -t filter -X Delete all Iptables Chains
  • Deny all traffic. Create rules to allow outbound traffic now
  • iptables -P INPUT DENY
  • iptables -P FORWARD DENY
  • iptables -P OUTPUT DENY

Guides

TMUX

Blue Team

D3fend Framework

https://d3fend.mitre.org/

DFIR Resources

Blogs

Podcasts

Cyber Chef

Regex

Logging

Hardening Guides

OSINT

BEC Compromises

Tools

Networking

I believe everyone in the technical side of cybersecurity must have a good understanding of networking.

You can also get Palo Alto training online for free if you’re a student with labs!

Must have tools

Games

IR on Windows Boxes

Lots of this information for this section came from John Strand’s pay what you can courses. Antisyphon training is a fantastic place to learn at an affordable price. I highly recommend them.

Start with network connections and work backwards. Some of these commands require elevated privileges. Be mindful of the admin account you are using to run these on a since it is a potentially compromised system…

  • net view What shares are open?
  • net session Who is talking to this computer?
  • net use Who is this system talking to?
  • netstat What are all network connections?
  • netstat -naob What are the TCP and UDP connections with port numbers and processes?
  • netstat -f What are the current connections with fully qualified domain names? Look for unusual domains that aren’t MS, Google, etc.

Now look into processes. Use the above commands to look for unusual connections and then drill into the processes.

  • tasklist List all processes
  • tasklist /svc List all services
  • tasklist /m Modules loaded for each process
  • tasklist /m ntdll.dll Look for specific processes with ntdll.dll
  • tasklist /m /fi "pid eq [proc_id] Explore specific process modules
  • tasklist /FI "IMAGENAME eq [process_name] See all processes with that process name
  • wmic process list full See lots of info about all processes
  • wmic process get name,parentprocessid,processid Another way to list all processes
  • wmic process where processid=[pid] get commandline Show commandline of specific process

IR on Linux Boxes

  • ps aux See all current processes
  • top Another way to see current processes
  • ip a IP Info
  • ifconfig Another way to see IP info
  • ping
  • netstat -nap

https://github.com/DominicBreuker/pspy

Training

Advanced

Intermediate

Beginner

Programming Resources

Python

Golang

C#

C

Programming in Windows

Docker Resources

  • [TODO]

Home Labs

ISO Images & VM’s

Prebuilt Lab Envs

Guides

Planning

Governance Risk and Compliance (GRC) & Privacy

CIS

CIS covers lots of different North American frameworks.

NIST

  • [TODO]

Privacy

Privacy is split into three sections if we follow IAPP: Privacy Regulations, Management, and Technology

News

Techniques

  • Cynefin

  • Conscious Competence

  • Gap Analysis

  • SWOT Analysis

  • Power/Interest Grid

  • Stakeholder management

  • Boston Box

  • Feasibility Analysis

  • Cost Benefit Analysis

  • Risk Analysis

  • Time Boxing

  • MOSCOW Prioritization

    [
  {
    "title": "apples",
    "count": [12000, 20000],
    "description": { "text": "...", "sensitive": false }
  },
  {
    "title": "oranges",
    "count": [17500, null],
    "description": { "text": "...", "sensitive": false }
  }
]
Home Articles About

© Jason Gahr 2023. All rights reserved.