Welcome to FTRsec Documentation

Welcome to the comprehensive documentation on detection techniques and tools. This site provides cheatsheets, useful links, and detection rules to help you effectively use tools like Splunk and Microsoft Defender.

Overview

This documentation includes the following sections:

• Cheatsheets: Quick reference guides for Splunk and Microsoft Defender.
• Event Codes: Detailed explanations of various event codes.
• Detection Rules: Specific detection rules for Active Directory Domain Services (ADDS) and Windows.
• Useful Links: A collection of resources for further learning.

Table of Contents

Cheatsheets

• Splunk Cheatsheet
• Defender Cheatsheet

Event Codes

• EventCode

Detection Rules

• ADDS Detection Rules
• Windows Detection Rules

Resources

• Useful links

Quick Links

• Splunk Cheatsheet
• Defender Cheatsheet
• EventCode
• ADDS Detection Rules
• Windows Detection Rules
• Useful links