Velociraptor Course: Digging deeper (May 2021)
Book 1
Credential defense analyst reference
Appendix F - Securing Domain Admins Groups in Active Directory
Protect privileged AD accounts with five free controls
Securing privileged access Enterprise access model - Privileged access
Eric Zimmerman's Results in Seconds at the Command-Line Poster | SANS Poster
Hunt Evil | SANS Poster
Windows Forensic Analysis | SANS Poster
LOLBAS
Month of PowerShell: 5 Tips for Getting Started with PowerShell | SANS Institute
Getting Started with Microsoft PowerShell
PowerShell quick reference
Light side of the force pdf
Bear Hunting: Tracking Down COZY BEAR Backdoors
Exposing the Steps of the Kimsuky APT Group
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
How Microsoft names threat actors - Microsoft's unified security operations platform
NIST
Essential Eight explained | Cyber.gov.au
The 18 CIS Critical Security Controls
Matrix - Enterprise | MITRE ATT&CK®
FOR508 Cloud Share K01 on Egnyte
FREE Resources for Cyber Security Professionals | Applied Incident Response
aws-incident-response-playbooks/playbooks at master · aws-samples/aws-incident-response-playbooks
Kansa for Enterprise Scale Threat Hunting, Jonathan Ketchum.pdf
Structured & Task-Driven Threat Hunting
In the Fall of 2019, I joined the Splunk Global Security organization to build Splunk’s internal threat hunting program. Over a few months…
Demystifying the “SVCHOST.EXE” Process and Its Command Line Options
Understanding the “svchost.exe” process and its command line options
Windows 10 Services - batcmd.com
Per-user services in Windows 10 and Windows Server - Windows Application Management
Learn about per-user services, how to change the template service Startup Type, and manage per-user services through Group Policy and security templates.
Developing a privileged access strategy
A good strategy is critical on your privileged access journey