Talk With an Expert

SIFT Cheat Sheet

SIFT Cheat Sheet (PDF, 0.82MB)Published: 08 Jul, 2024
Created by:
SANS Institute
SANS Institute

Forensic analysts serve on the front lines of computer investigations. This guide aims to support DFIR analysts in their quest to uncover the truth.  This cheat sheet is intended to be used as a reference for important forensics tools and techniques available using the SANS Linux SIFT Workstation. Topics covered include mounting evidence, recovering data, timeline creation, and detailed file system analysis.  This broad reference guide also serves as a reminder of the many Linux-based digital forensics and incident response capabilities available. 

Author

SANS Institute
SANS Institute

SANS Institute

Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place.

Read more about SANS Institute