Update cheatsheets

2026-01-26 11:33:59 +00:00 · 2025-06-20 00:20:24 +00:00
parent a746c9d8f6
commit 53cdffdca8
17 changed files with 373 additions and 22 deletions
--- a/tldr/bing-rewards
+++ b/tldr/bing-rewards
@@ -0,0 +1,29 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# bing-rewards
+
+> Automate daily Bing Rewards points.
+> More information: <https://github.com/jack-mil/bing-rewards>.
+
+- Complete both desktop and mobile searches:
+
+`bing-rewards`
+
+- Run 10 searches with mobile user-agent:
+
+`bing-rewards {{[-m|--mobile]}} {{[-c|--count]}} 10`
+
+- Complete mobile and desktop searches using specified Chrome profile "Profile 1":
+
+`bing-rewards --profile "Profile 1"`
+
+- Run searches sequentially across multiple Chrome profiles:
+
+`bing-rewards --profile "Default" "Profile 1" "Profile 2"`
+
+- Display help:
+
+`bing-rewards {{[-h|--help]}}`
--- a/tldr/bzip2
+++ b/tldr/bzip2
@@ -6,6 +6,7 @@ source: https://github.com/tldr-pages/tldr.git
 # bzip2

 > A block-sorting file compressor.
+> See also: `bzcat`, `bunzip2`, `bzip2recover`.
 > More information: <https://manned.org/bzip2>.

 - Compress a file:
--- a/tldr/feh
+++ b/tldr/feh
@@ -20,9 +20,9 @@ source: https://github.com/tldr-pages/tldr.git

 `feh --borderless {{path/to/images}}`

- Exit after the last image:
+- Set the behavior when reaching the beginning or end of the image list:

-`feh --cycle-once {{path/to/images}}`
+`feh --on-last-slide {{hold|quit|resume}} {{path/to/images}}`

 - Use a specific slideshow cycle delay:

--- a/tldr/linux/aa-update-browser
+++ b/tldr/linux/aa-update-browser
@@ -0,0 +1,30 @@
+---
+syntax: markdown
+tags: [tldr, linux]
+source: https://github.com/tldr-pages/tldr.git
+---
+# aa-update-browser
+
+> Update AppArmor browser profiles to use supported abstractions.
+> Part of the AppArmor suite.
+> More information: <https://manned.org/aa-update-browser>.
+
+- List available browser abstraction profiles:
+
+`sudo aa-update-browser -l`
+
+- Show what changes would be made to a profile without applying them ([d]ry-run):
+
+`sudo aa-update-browser -d {{path/to/profile}}`
+
+- Update a profile with specific abstractions:
+
+`sudo aa-update-browser -u {{abstraction1,abstraction2,...}} {{path/to/profile}}`
+
+- Remove all abstractions from a profile:
+
+`sudo aa-update-browser -u '' {{path/to/profile}}`
+
+- Display help:
+
+`aa-update-browser -h`
--- a/tldr/linux/crond
+++ b/tldr/linux/crond
@@ -0,0 +1,29 @@
+---
+syntax: markdown
+tags: [tldr, linux]
+source: https://github.com/tldr-pages/tldr.git
+---
+# crond
+
+> Daemon to execute scheduled commands from crontab files.
+> More information: <https://manned.org/crond>.
+
+- Start daemon in the background and check for scheduled commands:
+
+`crond`
+
+- Start daemon in the foreground and check for scheduled commands:
+
+`crond -n`
+
+- Send job output from the daemon to the system log:
+
+`crond -s`
+
+- Override default limitations and accept custom crontables:
+
+`crond -p`
+
+- Inherit crontab file path from environment settings:
+
+`crond -P`
--- a/tldr/linux/ip
+++ b/tldr/linux/ip
@@ -31,12 +31,12 @@ source: https://github.com/tldr-pages/tldr.git

 - Make an interface up/down:

-`sudo ip {{[l|link]}} {{[s|set]}} {{interface}} {{up|down}}`
+`sudo ip {{[l|link]}} {{[s|set]}} {{interface_name}} {{up|down}}`

 - Add/Delete an IP address to an interface:

-`sudo ip {{[a|address]}} {{add|delete}} {{ip}}/{{mask}} dev {{interface}}`
+`sudo ip {{[a|address]}} {{add|delete}} {{ip}}/{{mask}} dev {{interface_name}}`

 - Add a default route:

-`sudo ip {{[r|route]}} {{[a|add]}} default via {{ip}} dev {{interface}}`
+`sudo ip {{[r|route]}} {{[a|add]}} default via {{ip}} dev {{interface_name}}`
--- a/tldr/osx/caffeinate
+++ b/tldr/osx/caffeinate
@@ -8,22 +8,22 @@ source: https://github.com/tldr-pages/tldr.git
 > Prevent macOS from sleeping.
 > More information: <https://keith.github.io/xcode-man-pages/caffeinate.8.html>.

+- Prevent the display from sleeping:
+
+`caffeinate -d`
+
 - Prevent from sleeping for 1 hour (3600 seconds):

 `caffeinate -u -t {{3600}}`

- Prevent from sleeping until a command completes:
+- Fork a process, exec "make" in it, and prevent sleep as long as that process is running:

-`caffeinate -s "{{command}}"`
+`caffeinate -i make`

 - Prevent from sleeping until a process with the specified PID completes:

 `caffeinate -w {{pid}}`

- Prevent from sleeping (use `<Ctrl c>` to exit):
-
-`caffeinate -i`
-
 - Prevent disk from sleeping (use `<Ctrl c>` to exit):

 `caffeinate -m`
--- a/tldr/prowler
+++ b/tldr/prowler
@@ -0,0 +1,42 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler
+
+> Performs security best practices assessments, audits and compliance checks across AWS, Azure, Google Cloud, and Kubernetes.
+> See also: `prowler-aws`, `prowler-azure`, `prowler-gcp`, `prowler-kubernetes`, `prowler-m365`, `prowler-github`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run an AWS, Azure, GCP, Kubernetes - as provider - audit with default checks:
+
+`prowler {{provider}}`
+
+- Show all available checks for a specific provider:
+
+`prowler {{provider}} {{[-l|--list-checks]}}`
+
+- Show all available services for a specific provider:
+
+`prowler {{provider}} --list-services`
+
+- Generate output in multiple formats, including JSON-ASFF for AWS Security Hub:
+
+`prowler {{provider}} --output-modes {{csv,json-asff,html,...}}`
+
+- Execute in verbose mode:
+
+`prowler {{provider}} --verbose`
+
+- Filter findings by status:
+
+`prowler {{provider}} --status {{PASS,FAIL,MANUAL}}`
+
+- Display help:
+
+`prowler --help`
+
+- Display version:
+
+`prowler {{[-v|--version]}}`
--- a/tldr/prowler-aws
+++ b/tldr/prowler-aws
@@ -0,0 +1,30 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler aws
+
+> Assess AWS security best practices, perform audits, compliance checks, and generate reports.
+> See also: `prowler`, `prowler-azure`, `prowler-gcp`, `prowler-kubernetes`, `prowler-m365`, `prowler-github`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run the default set of checks on the AWS account:
+
+`prowler aws`
+
+- Use a custom AWS profile and filter audited regions:
+
+`prowler aws {{[-p|--profile]}} {{custom-profile}} {{[-f|--filter-region]}} {{us-east-1 eu-south-2 ...}}`
+
+- Run checks for selected AWS services:
+
+`prowler aws {{[-s|--services]}} {{s3 ec2 ...}}`
+
+- Run a specific AWS check:
+
+`prowler aws {{[-c|--checks]}} {{s3_bucket_public_access}}`
+
+- Exclude specific checks or services:
+
+`prowler aws {{[-e|--excluded-checks]}} {{s3_bucket_public_access}} --exclude-services {{s3 ec2 ...}}`
--- a/tldr/prowler-azure
+++ b/tldr/prowler-azure
@@ -0,0 +1,42 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler azure
+
+> Assess Azure security best practices, perform audits, compliance checks, and generate reports.
+> See also: `prowler`, `prowler-aws`, `prowler-gcp`, `prowler-kubernetes`, `prowler-m365`, `prowler-github`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run the default set of checks on the current Azure account using Azure CLI authentication:
+
+`prowler azure --az-cli-auth`
+
+- Run checks for specific Azure subscriptions:
+
+`prowler azure --az-cli-auth --subscription-ids {{subscription_id1 subscription_id2 ...}}`
+
+- Authenticate using a service principal via environment variables:
+
+`prowler azure --sp-env-auth`
+
+- Authenticate using browser login and specify a tenant ID:
+
+`prowler azure --browser-auth --tenant-id "{{XXXXXXXX}}"`
+
+- Authenticate using a managed identity (e.g. for Azure VM):
+
+`prowler azure --managed-identity-auth`
+
+- Run checks for selected Azure services:
+
+`prowler azure {{[-s|--services]}} {{defender iam ...}}`
+
+- Run a specific Azure check:
+
+`prowler azure {{[-c|--checks]}} {{storage_blob_public_access_level_is_disabled}}`
+
+- Exclude specific checks or services:
+
+`prowler azure {{[-e|--excluded-checks]}} {{storage_blob_public_access_level_is_disabled}} --exclude-services {{defender iam ...}}`
--- a/tldr/prowler-gcp
+++ b/tldr/prowler-gcp
@@ -0,0 +1,34 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler gcp
+
+> Assess Google Cloud Platform (GCP) security best practices, audits, and compliance checks.
+> See also: `prowler`, `prowler-aws`, `prowler-azure`, `prowler-kubernetes`, `prowler-m365`, `prowler-github`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run the default set of checks on all accessible GCP projects using default user credentials:
+
+`prowler gcp`
+
+- Authenticate using a service account credentials file:
+
+`prowler gcp --credentials-file {{path/to/credentials.json}}`
+
+- Scan specific GCP projects by ID:
+
+`prowler gcp --project-ids {{project_id1 project_id2 ...}}`
+
+- Run checks for selected GCP services:
+
+`prowler gcp {{[-s|--services]}} {{iam compute ...}}`
+
+- Run a specific GCP check:
+
+`prowler gcp {{[-c|--checks]}} {{gcp_storage_bucket_logging_enabled}}`
+
+- Exclude specific checks or services:
+
+`prowler gcp {{[-e|--excluded-checks]}} {{gcp_storage_bucket_logging_enabled}} --exclude-services {{iam compute ...}}`
--- a/tldr/prowler-github
+++ b/tldr/prowler-github
@@ -0,0 +1,26 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler github
+
+> Assess GitHub account, repository, and organization security best practices.
+> See also: `prowler`, `prowler-aws`, `prowler-azure`, `prowler-gcp`, `prowler-kubernetes`, `prowler-m365`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run all default GitHub security checks:
+
+`prowler github`
+
+- Authenticate using a GitHub Personal Access Token:
+
+`prowler github --personal-access-token {{pat}}`
+
+- Authenticate using a GitHub OAuth App Token:
+
+`prowler github --oauth-app-token {{oauth_token}}`
+
+- Authenticate using a GitHub App ID and private key:
+
+`prowler github --github-app-id {{app_id}} --github-app-key {{app_key}}`
--- a/tldr/prowler-kubernetes
+++ b/tldr/prowler-kubernetes
@@ -0,0 +1,38 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler kubernetes
+
+> Assess Kubernetes cluster security best practices and configurations.
+> See also: `prowler`, `prowler-aws`, `prowler-azure`, `prowler-gcp`, `prowler-m365`, `prowler-github`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run the default checks using the default kubeconfig location:
+
+`prowler kubernetes`
+
+- Specify a custom kubeconfig file for scanning:
+
+`prowler kubernetes --kubeconfig-file {{path/to/kubeconfig}}`
+
+- Specify a specific Kubernetes context to scan:
+
+`prowler kubernetes --context {{my-context}}`
+
+- Scan specific namespaces only:
+
+`prowler kubernetes --namespaces {{default}} {{kube-system}}`
+
+- Run checks for selected Kubernetes services:
+
+`prowler kubernetes {{[-s|--services]}} {{ietcd apiserver ...}}`
+
+- Run a specific Kubernetes check:
+
+`prowler kubernetes {{[-c|--checks]}} {{etcd_encryption}}`
+
+- Exclude specific checks or services:
+
+`prowler kubernetes {{[-e|--excluded-checks]}} {{etcd_encryption}} --exclude-services {{ietcd apiserver ...}}`
--- a/tldr/prowler-m365
+++ b/tldr/prowler-m365
@@ -0,0 +1,34 @@
+---
+syntax: markdown
+tags: [tldr, common]
+source: https://github.com/tldr-pages/tldr.git
+---
+# prowler m365
+
+> Assess Microsoft 365 (M365) security configurations and best practices.
+> See also: `prowler`, `prowler-aws`, `prowler-azure`, `prowler-gcp`, `prowler-kubernetes`, `prowler-github`.
+> More information: <https://docs.prowler.com/projects/prowler-open-source/en/latest/>.
+
+- Run Prowler with combined service principal and user credentials:
+
+`prowler m365 --env-auth`
+
+- Authenticate using a service principal:
+
+`prowler m365 --sp-env-auth`
+
+- Authenticate using the Azure CLI:
+
+`prowler m365 --az-cli-auth`
+
+- Authenticate using a browser and specify the tenant ID:
+
+`prowler m365 --browser-auth --tenant-id "{{XXXXXXXX}}"`
+
+- Run a specific Microsoft 365 check:
+
+`prowler m365 {{[-c|--checks]}} {{etcd_enm365_onedrive_sharing_enabledcryption}}`
+
+- Exclude specific checks:
+
+`prowler m365 {{[-e|--excluded-checks]}} {{m365_onedrive_sharing_enabled}}`
--- a/tldr/pv
+++ b/tldr/pv
@@ -14,11 +14,11 @@ source: https://github.com/tldr-pages/tldr.git

 - Measure the speed and amount of data flow between pipes (`--size` is optional):

-`command1 | pv {{[-s|--size]}} {{expected_amount_of_data_for_eta}} | command2`
+`{{command1}} | pv {{[-s|--size]}} {{expected_amount_of_data_for_eta}} | {{command2}}`

 - Filter a file, see both progress and amount of output data:

-`pv {{[-cN|--cursor --name]}} in {{big_text_file}} | grep {{pattern}} | pv {{[-cN|--cursor --name]}} out > {{filtered_file}}`
+`pv {{[-cN|--cursor --name]}} in {{path/to/file.txt}} | grep {{pattern}} | pv {{[-cN|--cursor --name]}} out > {{path/to/filtered_file.txt}}`

 - Attach to an already running process and see its file reading progress:

@@ -26,8 +26,12 @@ source: https://github.com/tldr-pages/tldr.git

 - Read an erroneous file, skip errors as `dd conv=sync,noerror` would:

-`pv {{[-EE|--skip-errors --skip-errors]}} {{path/to/faulty_media}} > image.img`
+`pv {{[-EE|--skip-errors --skip-errors]}} {{path/to/faulty_media}} > {{path/to/image.img}}`

 - Stop reading after reading specified amount of data, rate limit to 1K/s:

-`pv {{[-L|--rate-limit]}} 1K {{[-S|--stop-at-size]}} {{maximum_file_size_to_be_read}}`
+`pv {{[-L|--rate-limit]}} {{1K}} {{[-S|--stop-at-size]}} {{maximum_file_size_to_be_read}}`
+
+- Calculate hash (MD5, SHA1, SHA256, etc) of a large file and show progress:
+
+`pv {{path/to/file}} | {{sha256sum}}`
--- a/tldr/windows/msedge
+++ b/tldr/windows/msedge
@@ -24,19 +24,19 @@ source: https://github.com/tldr-pages/tldr.git

 - Open in application mode (without toolbars, URL bar, buttons, etc.):

-`msedge --app={{https://example.com}}`
+`msedge --app {{https://example.com}}`

 - Use a proxy server:

-`msedge --proxy-server="{{socks5://hostname:66}}" {{example.com}}`
+`msedge --proxy-server "{{socks5://hostname:66}}" {{example.com}}`

 - Open with a custom profile directory:

-`msedge --user-data-dir={{path/to/directory}}`
+`msedge --user-data-dir {{path/to/directory}}`

 - Open without CORS validation (useful to test an API):

-`msedge --user-data-dir={{path/to/directory}} --disable-web-security`
+`msedge --user-data-dir {{path/to/directory}} --disable-web-security`

 - Open with a DevTools window for each tab opened:

--- a/tldr/zcat
+++ b/tldr/zcat
@@ -5,13 +5,25 @@ source: https://github.com/tldr-pages/tldr.git
 ---
 # zcat

-> Print data from `gzip` compressed files.
+> Print data from `gzip` compressed files to `stdout`.
 > More information: <https://www.gnu.org/software/gzip/manual/gzip.html>.

 - Print the uncompressed contents of a `gzip` archive to `stdout`:

-`zcat {{file.txt.gz}}`
+`zcat {{path/to/file.txt.gz}}`

 - Print compression details of a `gzip` archive to `stdout`:

-`zcat {{[-l|--list]}} {{file.txt.gz}}`
+`zcat {{[-l|--list]}} {{path/to/file.txt.gz}}`
+
+- Test the integrity of a compressed file verbosely:
+
+`zcat {{[-v|--verbose]}} {{[-t|--test]}} {{path/to/file.txt.gz}}`
+
+- Suppress all warnings when decompressing a file:
+
+`zcat {{[-q|--quiet]}} {{path/to/file.txt.gz}}`
+
+- Avoid any system crashes when decompressing a file (slower output):
+
+`zcat --synchronous {{path/to/file.txt.gz}}`