DFIR

This is a repository dedicated to the DFIR journey. Contains notes, reflections, walkthroughs and links to tools.

BlueBook

BlueBook is aimed to be a noob friendly hacktricks type resource for Forensics CTF challenges. The culmination of the previous analyses. https://github.com/dbissell6/DFIR/blob/main/Blue_Book/Blue_Book.md

BluePrint

BluePrint is a resource to search for similar DFIR challenges. This is most useful if you are stuck and need a qucik suggestion to read a walkthrough from a previous challenge. https://github.com/dbissell6/DFIR/blob/main/Blue_Book/BluePrint.md

Explorations and reflections

Lessons learned on the path

Walkthroughs

PICO - https://github.com/dbissell6/DFIR/blob/main/WalkThroughs/

DFIR CTF Challenges

https://play.picoctf.org/practice

https://app.hackthebox.com/sherlocks

https://app.hackthebox.com/challenges/retired

https://www.sans.org/mlp/holiday-hack-challenge-2023/

https://cyberdefenders.org/blueteam-ctf-challenges/

Videos

https://www.youtube.com/@digitaldeductions

Outside Resources

https://github.com/cugu/awesome-forensics#ctfs-and-challenges

https://github.com/apsdehal/awesome-ctf/blob/master/README.md#forensics

https://www.sans.org/posters/hunt-evil/

https://sansorg.egnyte.com/dl/cOBcwZSosv ## Zimmermans Tools cheatsheet

https://thedfirreport.com ## Writeups of real attacks

https://vx-underground.org/ ## Malware repo with writeups

Reading List

https://icdt.osu.edu/cybercanon/bookreviews