This is a repository dedicated to the DFIR journey. It contains notes, reflections, walkthroughs and links to tools.
BlueBook aims to be a noob-friendly, HackTricks-style resource for Forensics CTF challenges. It is the culmination of the previous analyses. https://github.com/dbissell6/DFIR/blob/main/Blue_Book/Blue_Book.md
BluePrint is a resource for searching for similar DFIR challenges. It is most useful if you are stuck and need a quick suggestion for a walkthrough of a previous challenge to read. https://github.com/dbissell6/DFIR/blob/main/Blue_Book/BluePrint.md
Explorations+Reflections *
https://github.com/dbissell6/DFIR/blob/main/Explorations%2BReflections/Explorations%2BReflections.md
Replication of the study done on HTB Forensics problems, this time with PICO Forensics problems. Interesting because it adds more overall data points to the Forensics CTF challenge landscape. Additionally, this allows for a comparison between the two "brands" of challenges. Can we finally determine why everyone says PICO is easier than HTB?
Explorations+Reflections2 *
https://github.com/dbissell6/DFIR/blob/main/Explorations%2BReflections/Explorations%2BReflections2_PICO.md
Explorations+Reflections3 *
https://github.com/dbissell6/DFIR/blob/main/Explorations%2BReflections/Explorations%2BReflections3.md
PICO - https://github.com/dbissell6/DFIR/blob/main/WalkThroughs/PICO_Walkthroughs.md
https://play.picoctf.org/practice
https://app.hackthebox.com/sherlocks
https://app.hackthebox.com/challenges/retired
https://www.sans.org/mlp/holiday-hack-challenge-2023/
https://cyberdefenders.org/blueteam-ctf-challenges/
https://github.com/dbissell6/PCAP_Analysis
https://github.com/dbissell6/EVTX_analysis
https://www.youtube.com/@digitaldeductions
https://github.com/cugu/awesome-forensics#ctfs-and-challenges
https://github.com/apsdehal/awesome-ctf/blob/master/README.md#forensics
https://www.sans.org/posters/hunt-evil/
https://sansorg.egnyte.com/dl/cOBcwZSosv ## Zimmermans Tools cheatsheet
https://vx-underground.org/ ## Malware repo with writeups