Blue Team Field Manual (BTFM) (Field Manual Series)

A must have for every DFIR team and professional. Absolutely packed with relevant, practical, and useful content.

If you're looking at this, you know why you're looking at it, so not going to explain.It is good. 130 or so pages and most of it is commands that are useful for your run books. The book doesn't explain how to interpret the results, but if you can understand it and are comfortable on a shell, you can probably hazard a guess anyways, or Google it.A small amount of the commands are a tiny bit dated, which is expected with a print manual giving you commands for applications/OSes that are always changing, but even if dated, they at least give you the idea of what to run. Just go look up a good replacement application, or check the --help file for updated syntax.Really liked the IR checklist at the back, will incorporate some of that.

The media could not be loaded. The Blue Team Field Manual came very fast in fact five days earlier then expected and it made me very happy! Not to mention that the book looks like it haven't even been used it was a little scratch and tiny dent on top cover but it is barely noticeable! Thank you so much! Will be coming back for some more books 📚

Obviously, comparable to RTFM, marketed as more geared to responders, or Windows domain admins with a small amount of Linux in their network. My review assumes you know what the book you are shopping for is, you have read or heard about the RTFM and this.Awesome book, you'll likely find or be reminded of something very useful that you can use tomorrow based on flipping through it.Good - What you'd expect, condensed, long listing of commands with brief descriptions. Network, firewall, registry, services, etc etc etc. Command based AV scanning and lots more. Lots of stuff is based on "Basic" commands included in powershell or windows cmd, additional tools sysinternals suite, some typical third party network command tools, as well a few references to less common tools.Eh - Frighteningly short intros to some tools, but for brevity's sake seems necessary, I'd suggest readers try everything in a lab.Bad - Many commands are described from a very basic idea gearing up to fairly complex, complete, long commands, with lots of big font and double spacing. Little to zero instruction is provided for some stuff, for example, the reg query commands, which you can read and see what they do or are for. Lots of lines go to nearly the exact same command (like firewall rules), I feel like they'ed be better if they had more context.The font is bigger (than RTFM), I'd like it if the book made more use of tables, bolding and underlining, and italicizing do differentiate sections of text, along with a smaller font and no double-spacing. I feel like this just adds to the girth of the book.All in all, great book, I definitely recommend it for network or domain admins and defenders.

I have both the blue team manual and red team that I carry with me for work in cause I need quick reference.No downsides to this book.

This book does exactly what it promises. It's a super clean collection of tons of useful commands for any defend-focused team.It's not going to teach you any lessons, really, which is what I was looking for when I opened it. At first I was disappointed, but as I got deeper in I realized what the book was and what it wasn't, and it just got better and better.I wish there were more books of this kind. You don't have to write a dissertation in order to create something useful. Sometimes quick references are the best thing you can have.

Good book to have if you are working somewhere and don’t have internet access, has helped me out of a jam a time or two

Good book