Summary
This section is a quick command and query reference that supports blue-team work. It will stay lighter than the guides and focus on recall rather than full explanation.
What belongs here
- log inspection commands
- process and network checks
- quick triage helpers
- reference commands tied to investigations
How to use this section
- Start here when you need a fast check during triage or investigation
- Use Guides for full workflow notes
- Use Concepts when you need the security model behind the check