Search
Items tagged with: dfir
JQ - is one of the most popular command line utilities for extracting and processing data from JSON files.
Here is a ultimate cheatsheet to the most useful JQ functions for #osint, #dfir, and #forensics:
https://www.sans.org/posters/json-and-jq-quick-start-guide/?msc=instructor-phil-hagen
Contributors twitter.com/SANSInstitute twitter.com/DavidSzili
Here is a ultimate cheatsheet to the most useful JQ functions for #osint, #dfir, and #forensics:
https://www.sans.org/posters/json-and-jq-quick-start-guide/?msc=instructor-phil-hagen
Contributors twitter.com/SANSInstitute twitter.com/DavidSzili
JSON and jq Quick Start Guide | SANS Cheat Sheet
This guide is a supplement to SANS FOR572: Advanced Network Forensics and Analysis. It covers the basics of JSON and some of the fundamentals of the jq utility.www.sans.org
