Cheat sheets or reference guides?

Hi all,
SANS has some great cheat sheets for IR & forensics. I was just curious if anyone has others they like to reference, or if anyone is willing to share personally-curated ones?


@Java a few others that I like are below. Following Lenny Zeltser in general is a great idea; he is always on top of what is going on and takes a real practical approach. Also, he is pretty active on Twitter:

Questions you should be asking yourself during the IR process

Searching event logs from the command line using wevtutil.exe

Some general command line help, a lot using Windows Management Instrumentation Command-line (wmic)

Would love to see some of the personally curated cheat sheets

I found a good one from the University of Connecticut’s ISO - Ironically it’s also from Lenny Zeltser, as @cody.cornell referenced above.

I’m sure this is linked somewhere, but tossing it out there just in case:

ATT&CK Matrix

There are a lot of “awesome” lists on GitHub for everything: DFIR, malware analysis, pentest, networking and of course forensics!

Hi @bewniac! Thanks for sharing.

Glad you’ve joined us!

Emma Furtado
SecOps Hub Community Manager
