This is a repository dedicated to the DFIR journey. Contains notes, reflections, walkthroughs and links to tools.
BlueBook is aimed to be a noob friendly hacktricks type resource for Forensics CTF challenges. The culmination of the previous analyses. https://github.com/dbissell6/DFIR/blob/main/Blue_Book/Blue_Book.md
BluePrint is a resource to search for similar DFIR challenges. This is most useful if you are stuck and need a qucik suggestion to read a walkthrough from a previous challenge. https://github.com/dbissell6/DFIR/blob/main/Blue_Book/BluePrint.md
Lessons learned on the path
PICO - https://github.com/dbissell6/DFIR/blob/main/WalkThroughs/
https://play.picoctf.org/practice
https://app.hackthebox.com/sherlocks
https://app.hackthebox.com/challenges/retired
https://www.sans.org/mlp/holiday-hack-challenge-2023/
https://cyberdefenders.org/blueteam-ctf-challenges/
https://www.youtube.com/@digitaldeductions
https://github.com/cugu/awesome-forensics#ctfs-and-challenges
https://github.com/apsdehal/awesome-ctf/blob/master/README.md#forensics
https://www.sans.org/posters/hunt-evil/
https://sansorg.egnyte.com/dl/cOBcwZSosv ## Zimmermans Tools cheatsheet
https://thedfirreport.com ## Writeups of real attacks https://vx-underground.org/ ## Malware repo with writeups