Cheat sheets, notes, random code bits, tutorials, and projects that I’m working on.


My name is Jayson, and I work in the offensive security space. I have worked as a Purple Team Lead, Red Team Lead, Penetration Tester, Tool Developer, Cloud Engineer, and System Administrator. I successfully completed my BS-CS at UNM in the Summer of 2016, and am very happy to be done with school. I am passionate about automating offensive security work through tool development and employing devops concepts. I am also interested in APTs (Advanced Persistent Threats) and understanding the motivations behind the creation of nation-state-funded Malware....

Jayson Grace

Password Manager Cheatsheet

Keeper Install CLI client Get the latest version and install the appropriate package: AUTHOR='Keeper-Security' REPO_NAME='Commander' curl -s "${AUTHOR}/${REPO_NAME}/releases/latest" \ | jq -r '.assets[].browser_download_url' Login to Keeper Run this command: keeper login When prompted, enter your email, then your TOTP, and finally your master password. Resource: Get a password using its name This particular example will return the password for the entry called in the vault: My Vault> find-password gmail....

February 28, 2022 · Jayson Grace

Markdown Cheatsheet

Table of Contents You can use this site to generate the code for you. For example: ## Table of Contents - [Prerequisites](#prerequisites) - [Create](#create) --- ## Prerequisites * Stuff * Things --- ## Create * More stuff * More things Resource: Add line break Simply add two spaces after the line that you want to break on. Resource:

January 17, 2022 · Jayson Grace

ELK Cheatsheet

Elasticsearch Get version of ES curl http://localhost:9200/ Get all indices in a cluster curl http://localhost:9200/_aliases Get all indices in a cluster (pretty) curl http://localhost:9200/_aliases?pretty=true Show index creation time curl http://localhost:9200/_cat/indices?h=health,status,index,id,pri,rep,docs.count,docs.deleted,store.size, Resource: Get number of docs in a cluster curl http://localhost:9200/_cat/count?v Get number of docs in an index curl http://localhost:9200/index/_count Get Roles This is where you can get answers to questions like “what do I have access to?” curl http://localhost:9200/_security/role Resource: https://www....

February 25, 2021 · Jayson Grace

Azure Cheatsheet

Getting Started Install latest version of Azure CLI on Mac brew update && brew install azure-cli Resource: Install latest version of Azure CLI on Linux # YOLO curl -sL | sudo bash Resources: Install PowerShell brew install --cask powershell-preview Run a powershell terminal with: pwsh-preview Update Powershell brew update brew upgrade powershell-preview --cask Uninstall Powershell brew uninstall --cask powershell sudo rm -rf /usr/local/bin/pwsh-preview /usr/local/microsoft/powershell Resource:

February 18, 2021 · Jayson Grace

Terraform Cheatsheet

Installation on Ubuntu 20.04 sudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl curl -fsSL | sudo apt-key add - sudo apt-add-repository "deb [arch=amd64] $(lsb_release -cs) main" sudo apt-get update && sudo apt-get install -y terraform # Verify it works terraform -v Resource: Commands This is used to download and configure providers in your terraform code: terraform init Resource: Reconfigure state If you need to reconfigure your state, run the following:...

October 1, 2020 · Jayson Grace

IDA Cheatsheet

Find a string Alt+b Once you’ve done this, be sure to encase the string you want to find in “”. For example: "string to find" Open breakpoints window Ctrl + Alt + b Preset breakpoints Click Debugger Debugger options… Set specific options Check the box next to preset BPTs Click OK Debug Android Activity Find an activity in a package that you want to look at Click Debugger -> Debugger options -> Set specific options Set the ADB executable (you can find this with which adb) Click Fill from AndroidManifest....

September 3, 2020 · Jayson Grace

Packet Capture Notes

Wireshark Filter where the source ip is not ip.src != Filter where the destination ip is not ip.dst != Find packets with a string in them frame contains <thing to search> For example: frame contains google Resource: Show hostnames Go to View -> Name Resolution -> Check the box next to Resolve Network Addresses Resource: Filter TLS traffic ssl.record.version If you want to only show TLS v1....

June 15, 2020 · Jayson Grace

Shodan Cheatsheet

Sites with valid SSL certs ssl:"orgname" 200 Negative search This is used to specify things you don’t want to be appended to your search -"content" An example could be: ssl:"orgname" 200 -"nosniff" Look for patterns in html html:"Dashboard Jenkins" Search for a specific technology This example will find all sites that use Bootstrap http.component:bootstrap Jenkins: http.component:"jenkins" Resources: Assets belonging to an organization org:"Name of Organization" That also return a 200 response code org:"Name of Organization" 200 Find CVE-2020-3452 org:"Name of Organization" 200 "Set-Cookie: webvpn;" Resource: https://twitter....

February 28, 2020 · Jayson Grace

Jira Cheatsheet

JQL Show tickets created by a user This will also show them in descending order, which will give you the most recently created issues first. reporter = <username> order by created DESC Query by project project = "Project Name" Find issues belonging to an inactive user reporter in (inactiveUsers()) Search via text text ~ "thing to search for" Searching for multiple criteria project = "Project Name" AND text ~ "something" Resource: https://community....

January 28, 2020 · Jayson Grace