Cybersecurity Cheatsheet — BitWithBite

🔐 Security & Hacking

Cybersecurity Complete Cheatsheet

CIA triad to OWASP Top 10 — everything you need for cybersecurity fundamentals.

📖 10 sections

⏱ 22 min read

✅ Quizzes included

🌙 Dark mode

01 Core Concepts ▼

CIA Triad

Confidentiality + Integrity + Availability — three pillars of security

Authentication

Verifying identity (who are you?)

Authorization

Granting permissions (what can you do?)

Encryption

Converting data to unreadable format. Symmetric vs asymmetric.

Threat

Potential harm. Vulnerability = weakness. Risk = threat × vulnerability.

Attack surface

All points where attacker could try to enter/extract data.

Defence in depth

Multiple security layers — if one fails, others stop attack.

Zero trust

Never trust, always verify — even inside network.

02 Network Fundamentals ▼

IP address

Unique identifier for device on network. IPv4: 192.168.1.1, IPv6: 2001:db8::1

Port

Logical endpoint. HTTP:80, HTTPS:443, SSH:22, FTP:21, DNS:53, SMTP:587

TCP

Reliable, ordered, connection-based. Uses 3-way handshake.

UDP

Fast, connectionless, no guarantee. Used for streaming, DNS.

DNS

Translates domain names to IPs. Hierarchy: root→TLD→authoritative.

NAT

Network Address Translation. Maps private IPs to public IP.

OSI Model

7 layers: Physical, Data Link, Network, Transport, Session, Presentation, Application

SECURITYOSI model

Layer 7: Application  — HTTP, FTP, SMTP, DNS
Layer 6: Presentation — SSL/TLS, encryption, JPEG
Layer 5: Session      — Session management, NetBIOS
Layer 4: Transport    — TCP, UDP, ports
Layer 3: Network      — IP, routing, ICMP
Layer 2: Data Link    — MAC addresses, Ethernet, switches
Layer 1: Physical     — Cables, signals, bits

03 Common Attacks ▼

Phishing

Deceptive email/site to steal credentials. Spear phishing = targeted.

SQL Injection

Input: '; DROP TABLE users;-- to manipulate DB queries.

XSS

Cross-Site Scripting. Inject malicious JS into web pages.

CSRF

Cross-Site Request Forgery. Trick user's browser to make unauthorized requests.

Man-in-the-Middle

Intercept and possibly alter communications between two parties.

DDoS

Distributed Denial of Service. Overwhelm server with traffic.

Ransomware

Encrypts victim's files. Demands ransom for decryption key.

Social engineering

Manipulate people (not systems). Pretexting, tailgating, baiting.

SECURITYSQL injection example

Vulnerable: SELECT * FROM users WHERE name = '" + input + "'

Attack input: ' OR '1'='1
Result query: SELECT * FROM users WHERE name = '' OR '1'='1'
→ Returns ALL users!

Fix: Use parameterized queries / prepared statements
cursor.execute("SELECT * FROM users WHERE name = ?", (input,))

04 Cryptography ▼

Encryption Types

Symmetric

Same key for encrypt/decrypt. Fast. AES-256. Key distribution problem.

Asymmetric

Public key encrypts, private key decrypts. RSA, ECC. Slow but solves key exchange.

Hybrid

Use asymmetric to exchange symmetric key, then use symmetric. How TLS works.

Hash

One-way function. SHA-256, SHA-3. Same input → same output, not reversible.

Salt

Random data added before hashing passwords. Prevents rainbow table attacks.

Digital signature

Hash encrypted with private key. Proves authenticity + integrity.

SECURITYHashing passwords

# WRONG: storing plaintext or weak hash
password_db = sha1(password)  # SHA-1 broken!

# RIGHT: use bcrypt, scrypt, or Argon2
import bcrypt
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt(rounds=12))
bcrypt.checkpw(password.encode(), hashed)  # verify

05 Web Security ▼

OWASP Top 10

1. Broken Access Control

User accesses unauthorized resources/actions.

2. Cryptographic Failures

Weak/missing encryption, storing passwords in plaintext.

3. Injection

SQL, LDAP, XPath, OS command injection.

4. Insecure Design

Missing security controls in architecture.

5. Security Misconfiguration

Default credentials, unnecessary features enabled, verbose errors.

6. Vulnerable Components

Using libraries with known vulnerabilities.

7. Auth Failures

Weak passwords, credential stuffing, no MFA.

8. Software Integrity Failures

Unsigned updates, insecure deserialization.

9. Logging Failures

Not logging security events, not monitoring.

10. SSRF

Server-side request forgery — server makes request to attacker-controlled URL.

06 Authentication ▼

MFA/2FA

Multi-factor: something you know + have + are.

OAuth 2.0

Authorization framework. 'Login with Google' pattern.

JWT

JSON Web Token. Stateless auth. Header.Payload.Signature.

Session hijacking

Stealing session cookie to impersonate user.

Privilege escalation

Gaining more permissions than authorized.

RBAC

Role-Based Access Control. User has roles, roles have permissions.

HTTPS/TLS

Encrypts data in transit. Certificate Authority validates identity.

CORS

Cross-Origin Resource Sharing. Browser security policy for cross-origin requests.

07 Penetration Testing ▼

SECURITYBasic pen testing phases

1. RECONNAISSANCE
   nmap -sV target.com  # scan ports/services
   whois target.com      # domain info
   Google dorking: site:target.com filetype:pdf

2. SCANNING & ENUMERATION
   nmap -A -p- target.com
   nikto -h target.com   # web vulnerability scanner
   dirb http://target.com  # directory bruteforce

3. EXPLOITATION
   Use Metasploit, manual exploits
   Always get written permission first!

4. POST-EXPLOITATION
   Maintain access, pivot, data exfiltration (in scope)

5. REPORTING
   Document findings, severity, remediation steps

⚠️

NEVER perform security testing without explicit written permission. Unauthorized testing is illegal.

08 Security Tools ▼

Wireshark

Packet analyzer. Captures and analyzes network traffic.

Nmap

Network scanner. Port scanning, service detection, OS fingerprinting.

Burp Suite

Web security testing. Intercept/modify HTTP requests.

Metasploit

Exploit framework. Penetration testing platform.

Hashcat

Password cracker. GPU-accelerated. Brute force + dictionary attacks.

John the Ripper

Password cracker. Offline hash cracking.

Nessus/OpenVAS

Vulnerability scanners. Identify known vulnerabilities.

OWASP ZAP

Web app scanner. Automated vulnerability detection.

09 Best Practices ▼

Input validation

Validate and sanitize ALL user input on server-side.

Principle of least privilege

Give minimum permissions needed.

Secure by default

Secure configuration out of the box.

Defence in depth

Firewalls + IDS + WAF + monitoring + patching + encryption.

Patch management

Update systems promptly. Most attacks exploit known vulns.

Security headers

Content-Security-Policy, X-Frame-Options, HSTS, X-XSS-Protection.

SECURITYSecurity headers

# nginx
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "default-src 'self'" always;
add_header X-Frame-Options DENY always;
add_header X-Content-Type-Options nosniff always;

10 Mini Quizzes ▼

❓ Quiz 1

What does the CIA triad stand for?

CIA Triad = Confidentiality (only authorized access), Integrity (data not tampered), Availability (accessible when needed). The three core pillars of information security.

❓ Quiz 2

What prevents SQL injection?

Parameterized queries separate SQL code from data, so user input is never interpreted as SQL. Also: use an ORM, validate input, apply least privilege to DB accounts.