By Manny Fernandez

May 21, 2017

Windows Logging Cheat

Yesterday, I attaended Hack Miami Con and had a great time. Met Michael Gough of Log-MD. He gave the keynote named “What I have learned the past 20 Years as a Blue Teamer, done some red teaming too that you should know”. He talked, among other things about the “Windows Logging Cheat Sheet” he developped. For any Blue Teamer, this is required reading in my opinion. He went into artifacts you should be collecting.

Michael’s Web Site is: https://malwarearchaeology.squarespace.com/cheat-sheets/

Michael also discussed Log-MD which he co-founded. I am going to install it and review it…. coming soon. He lives in Texas but obviously he travels. If you get a chance to talk to him or listen to a talk, I suggest you do it.

Here is an example of his Cheat Sheet

 

Recent posts

  • At its core, IEEE 802.1X is a network layer... Full Story

  • In case you did not see the previous FortiNAC... Full Story

  • This is our 5th session where we are going... Full Story

  • Now that we have Wireshark installed and somewhat configured,... Full Story

  • The Philosophy of Packet Analysis Troubleshooting isn't about looking... Full Story