Digital forensics and incident response

Linux

• .bash_history
• Brute force scripting
• Packet crafting

Windows

• Chrome browsing history
• Event logs
• Firefox browsing history
• Network connections
• Office recent files
• Prefetch
• Recent links
• Recycle Bin
• ZIP temporary folders

Network

• HTTP request forgery
• HTTPS and VPNs

Miscellaneous

• Endpoint detection and response (EDR)
• File carving
• Security operations centres
• Yara rule evasion
• ZIP file password cracking

Cyber security

Books

• Reading list
• InfoSec Rock Star
• Threat Modelling

Training and certifications

• SANS SEC401 (GSEC)
• SANS SEC504 (GCIH)
• SANS FOR500 (GCFE)
• SANS FOR508 (GCFA)

Miscellaneous

• Command injection
• Consulting
• Modular SOC
• Pi-hole
• Passwords

Technology and programming

Cloud

• AWS - SQL databases
• AWS - VPCs and EC2 servers

PowerShell

• Winget software deployment

Python

• Charts and graphs
• DNS request
• Emails (generating)
• Emails (sending)
• Multiprocessing
• Network diagrams
• SQLite
• tcpdump
• Tkinter (GUIs)
• Twitter

Splunk

• Grouping by two fields
• Splunk Free

SQL

• ALTER TABLE
• JOINs
• SELECT, FROM, and WHERE