Create cheat-sheets.md

Author: ngvuthdanhh

extras/cheat-sheets.md

@@ -0,0 +1,26 @@
+# DFIR Cheat Sheets
+
+A collection of quick-reference materials for analysts.
+
+## Categories
+### 🔹 Windows Forensics
+- Event ID cheat sheet  
+- Registry key artifacts  
+- Common persistence locations  
+
+### 🔹 Linux Forensics
+- Log file locations  
+- Bash history patterns  
+- Rootkit indicators  
+
+### 🔹 Network Forensics
+- Common ports & protocols  
+- PCAP filtering expressions  
+- TLS fingerprinting  
+
+### 🔹 Malware Analysis
+- PE file structure  
+- Sandbox behavior indicators  
+
+## Format
+Cheat sheets are concise and optimized for fast incident response work.