
BTFM: Blue Team Field Manual Book 1
by Ben Clark & Alan J. White
The Blue Team Field Manual is the defensive counterpart to RTFM, providing quick-reference commands and procedures for incident response, forensics, and network defense. Ben Clark and Alan White organize the manual by defensive function: log analysis, network monitoring, host-based forensics, malware analysis, and incident response procedures. Each section provides the specific commands needed to investigate suspicious activity on Windows and Linux systems, collect forensic artifacts, analyze network traffic, and contain active threats. The manual covers Windows Event Log queries, Linux audit commands, memory forensics procedures, network packet analysis syntax, and SIEM query patterns. Like RTFM, it prioritizes brevity and accuracy over explanation, making it a tool for practitioners who understand the concepts but need quick access to the right command.
Book Details
- Author: Ben Clark & Alan J. White
- Year: 2017
- Category: Blue Team
- ISBN: 9781541016361
- Formats: Paperback, Kindle
Related Books
RTFM: Red Team Field Manual Book 1
Ben Clark
Quick-reference guide for red team operators. Covers Linux, Windows, networking, and common attack commands.
RTFM: Red Team Field Manual Book 2
Ben Clark & Nick Downer
Updated and expanded red team reference. New techniques, commands, and procedures for modern red team operations.
Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity - Book 4
Marcus J. Carey and Jennifer Jin
The Blue Team edition of Tribe of Hackers gives voice to the defensive side of cybersecurity, interviewing SOC analysts, incident responders, threat hunters, detection engineers, and security.
The Blue Team Operator's Handbook
Joseph Haynes
The companion to the Red Team Operator's Handbook, this blue team edition provides defenders with the detection strategies and hunting techniques needed to counter the offensive TTPs described in its.