Linux Shell Survival Guide

This guide is a supplement to SANS FOR572: Advanced Network Forensics and Analysis. It covers some of what we consider the more useful Linux shell primitives and core utilities. These can be exceedingly helpful when automating analysis processes, generating output that can be copied and pasted into a report or spreadsheet document, or supporting quick-turn responses when a full toolkit is not available. Remember: if you can make it happen in a shell over a lag-ridden SSH connection, there is a better chance of being the lethal forensicator when it really matters!

May 25, 2021