Cheat sheets or reference guides?

Hi all,
SANS has some great cheat sheets for IR & forensics https://digital-forensics.sans.org/community/cheat-sheets. I was just curious if anyone has others they like to reference or if anyone is willing to share personally-curated ones?

Thanks!

@Java a few others that I like are below. Following Lenny Zeltser in general is a great idea; he is always on top of what is going on and takes a real practical approach. Also, he is pretty active on Twitter: twitter.com/lennyzeltser

Questions you should be asking yourself during the IR process

Searching event logs from the command line using wevtutil.exe

Some general command line helps, a lot using Windows Management Instrumentation Command-line (wmic)

Would love to see some of the personally curated cheat sheets


I found a good one from the University of Connecticut’s ISO - https://security.uconn.edu/wp-content/uploads/sites/251/2015/11/Security-reference-guide.pdf. Ironically it’s also from Lenny Zeltser, as @cody.cornell referenced above.

I’m sure this is linked somewhere, but tossing it out there just in case:

ATT&CK Matrix
https://attack.mitre.org/wiki/Main_Page

There are a lot of “awesome” lists on GitHub for everything: DFIR, malware analysis, pentest, networking and of course forensics! https://github.com/cugu/awesome-forensics

Hi @bewniac! Thanks for sharing.

Glad you’ve joined us!

Cheers,
Emma Furtado
SecOps Hub Community Manager
