Microsoft SQL Server forensics and threat hunting guide covering registry paths, log locations, attack indicators, and configuration analysis for compromised SQL Server instances.
Concise guide for writing Sigma detection rules covering structure, modifiers, best practices, and tools for SOC analysts and detection engineers working with Splunk, Elastic, or LogPoint.
Essential regex patterns for matching, capturing, and string manipulation adapted for security analysts, blue teamers, and SOC professionals working with detection rules.
Essential techniques for IP and domain investigations including reputation checks, WHOIS lookups, DNS inspection, passive intelligence, and payload retrieval for threat hunting and incident response.
Essential macOS Terminal commands for file operations, process management, networking, Homebrew, and security controls like Gatekeeper and SIP for sysadmins and DFIR practitioners.
Fast-access PowerShell reference for system administration, automation, and security auditing, covering file management, networking, scripting, and Winget for IT pros and analysts.
Key Windows Registry locations for persistence mechanisms, user activity traces, and IOC hunting in malware analysis and forensic investigations for DFIR professionals.
Critical Windows event IDs, logon types, and log locations for threat hunting and incident response, including Security.evtx, PowerShell logs, and Chainsaw analysis techniques.
Comprehensive reference for static and dynamic malware analysis using Ghidra, x64dbg, and REMnux, including PDF analysis, unpacking techniques, and reverse engineering workflows. Tags: static-analysis, dynamic-analysis.