Zeltser Security Cheat Sheets

11 November 2016

src: https://zeltser.com/cheat-sheets/

REMnux Usage Tips for Malware Analysis on Linux

Key tools and commands for analyzing malicious software on the REMnux Linux distribution:

Tips for Creating an Information Security Assessment Report

This cheat sheet presents recommendations for creating a strong report as part of an information security assessment project.

Critical Log Review Checklist for Security Incidents

Checklist for reviewing critical logs when responding to a security incident; it can also be used for routine log review. Co-authored with Anton Chuvakin:

Analyzing Malicious Documents Cheat Sheet

Tips and tools for reverse-engineering malicious documents, such as Microsoft Office (DOC, XLS, PPT) and Adobe Acrobat (PDF) files:

Security Architecture Cheat Sheet for Internet Applications

Tips for the initial design and review of a complex Internet application’s security architecture:

Troubleshooting Human Communications

Communication tips for technologists, engineers, and information workers:

Security Incident Survey Cheat Sheet for Server Administrators

Tips for examining a potentially-compromised server to decide whether to escalate for formal incident response:

Initial Security Incident Questionnaire for Responders

The questions the incident handler should consider asking when taking control of a qualified incident:

Network DDoS Incident Response Cheat Sheet

Advice for battling a network DDoS attack on your infrastructure:

Reverse-Engineering Malware Cheat Sheet

Shortcuts and tips for analyzing malicious software:

Information Security Assessment RFP Cheat Sheet

Tips for planning, issuing and reviewing RFPs for information security assessments:

How to Suck at Information Security

Common information security mistakes, so you can avoid making them:

Report Template for Threat Intelligence and Incident Response

A report template and framework for capturing key details related to a large-scale intrusion and documenting them in a comprehensive, well-structured manner.