This Cheat Sheet covers how the medical examiner, coroner determines the cause, manner, and mechanism of death, the tools they bring to bear in their search for clues, and how investigators approach a crime scene. This cheat sheet supports the SANS Forensics 508 Advanced Forensics and Incident Response Course. This cheat sheet walks the investigator through a six step analysis process illuminating the most popular powerful Volatility memory analysis plugins in each step. MITRE ATT& CK Cheat Sheets: The Windows ATT& CK Logging Cheat Sheet Released Sept. The Windows LOG- MD ATT& CK Cheat Sheet Released Sept.

Lenny Zeltser also has some great Information Security cheat sheets over on his site. My good buddy Joe Garcia has a review of Windows Registry Forensics over on the CyberCrime 101 blog. I' ve been beta testing a new tool called Registry Decoder for Windows Registry parsing and searching.