By Manny Fernandez

May 21, 2017

Windows Logging Cheat

Yesterday, I attended Hack Miami Con and had a great time. Met Michael Gough of Log-MD. He gave the keynote named “What I have learned the past 20 Years as a Blue Teamer, done some red teaming too that you should know”. He talked, among other things, about the “Windows Logging Cheat Sheet” he developed. For any Blue Teamer, this is required reading in my opinion. He went into artifacts you should be collecting.

Michael’s Web Site is: https://malwarearchaeology.squarespace.com/cheat-sheets/

Michael also discussed Log-MD, which he co-founded. I am going to install it and review it... coming soon. He lives in Texas, but obviously he travels. If you get a chance to talk to him or listen to a talk, I suggest you do it.

Here is an example of his Cheat Sheet

 
