
Hindsight Evolution of Chrome Databases

https://github.com/obsidianforensics/hindsight/blob/master/documentation/Evolution%20of%20Chrome%20Databases%20(v35).pdf

 

Reverse Malware Skills

https://pbs.twimg.com/media/B3-p2_gCQAADcIA.jpg:large

Reverse Engineering Malware

https://zeltser.com/media/docs/reverse-engineering-cheat-sheet.pdf

Analyzing Malicious Documents

https://zeltser.com/media/docs/analyzing-malicious-document-files.pd

/ForensicPosters GPT

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters Registry_NamedKey

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters Registry_Header

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters Prefetch101

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 7_$Boot(VBR)

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 4_$AttrDef

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0xXX_NonResident

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters _MBR

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0xA0_$INDEX_ALLOCATION

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

The Windows PowerShell Logging Cheat Sheet     

http://hackerhurricane.blogspot.com/2016/10/the-windows-logging-file-and-registry.html

The Windows Registry Auditing Logging Cheat Sheet   

http://hackerhurricane.blogspot.com/2016/10/the-windows-logging-file-and-registry.html 

CYFOR’s Cell Site Analysis Infographic

http://cyfor.co.uk/cyfors-cell-site-analysis-infographic/   

 

Girl Unallocated Report Writing Cheat Sheet (blog no longer exists)

https://www.pinterest.com/source/girlunallocated.blogspot.com 

 

How Internet Forensics Changed Criminal Investigations (forensicmag.com)

http://www.forensicmag.com/blog/2014/05/infographic-how-internet-forensics-changed-criminal-investigations

 

Hack Attack 

http://forensicmethods.com/hackattack 

Evidence Collection Cheat Sheet

https://digital-forensics.sans.org/media/evidence_collection_cheat_sheet.pdf 

 

Windows to Unix Cheat Sheet

https://digital-forensics.sans.org/media/windows_to_unix_cheatsheet.pdf 

SANS Hex and Regex Forensics Cheat Sheet

https://digital-forensics.sans.org/media/hex_file_and_regex_cheat_sheet.pdf 

SANS FOR518 Reference 

https://digital-forensics.sans.org/media/FOR518-Reference-Sheet.pdf 

Free Trial Graphics from PinPointLabs

http://pinpointlabs.com/trialgraphics.html 

 


Win32 Assembly Cheat Sheet

https://t.co/5DausXmC0V

 

PE Walk Thru

http://imgur.com/tnUca

PE Format

http://www.openrce.org/reference_library/files/reference/PE%20Format.pdf

mozilla_pbe

https://github.com/lclevy/firepwd/blob/master/mozilla_pbe.pdf

/ForensicPosters $UsnJrnl_$J

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

 

/ForensicPosters $UsnJrnl_$Max

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0_MFT

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x10_$STANDARD_INFORMATION

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x20_$ATTRIBUTE_LIST

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x30_$FILE_NAME

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x60_$VOLUME_NAME

 

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x70_$VOLUME_INFORMATION

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x80_$DATA

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

/ForensicPosters 0x90_$INDEX_ROOT

https://github.com/Invoke-IR/ForensicPosters/tree/master/Posters

 

The Windows Logging Cheat Sheet   

http://hackerhurricane.blogspot.com/2016/10/the-windows-logging-file-and-registry.html 

The Windows Splunk Logging Cheat Sheet    

http://hackerhurricane.blogspot.com/2016/10/the-windows-logging-file-and-registry.html 

The Windows File Auditing Logging Cheat Sheet    

http://hackerhurricane.blogspot.com/2016/10/the-windows-logging-file-and-registry.html 

SANS Advanced Smartphone Forensics Poster

https://digital-forensics.sans.org/blog/2014/06/24/getting-the-most-out-of-smartphone-forensic-exams-sans-advanced-smartphone-forensics-poster-release 

SANS SIFT & REMnux

https://www.sans.org/security-resources/posters/sift-remnux-poster/125/download 

 

SANS Digital Forensics SIFT'ing: Cheating Timelines with log2timeline

https://digital-forensics.sans.org/blog/2011/12/16/digital-forensics-sifting-cheating-timelines-with-log2timeline 

 

SANS Finding Evil on Windows Systems 

https://digital-forensics.sans.org/media/poster_2014_find_evil.pdf 

SANS Rekall Memory Forensic Framework

https://digital-forensics.sans.org/media/rekall-memory-forensics-cheatsheet.pdf 

DFIR "Memory Forensics" Poster

https://digital-forensics.sans.org/media/Poster-2015-Memory-Forensics2.pdf 

SANS Windows Forensics Analysis

https://digital-forensics.sans.org/media/poster-windows-forensics-2016.pdf

Linux Shell Survival Guide

https://digital-forensics.sans.org/media/linux-shell-survival-guide.pdf 

Forensic Mind Map

http://www.amanhardikar.com/mindmaps/Forensics.html