First, a little background…I’m an entry-level Incident Response Analyst trying to learn all things DFIR on a limited budget. I created the free training page to try to help others who were in the same boat. After seeing some comments and questions about it, I realized that just having a long list of training wasn’t all that helpful to complete beginners to IT who were interested in the Digital Forensics & Incident Response field. I went through almost every item to try to determine what was good for beginners, if I could recommend any prerequisites, and which training categories to...Continue reading...
Did you miss @dfirjos's excellent blog piece on practical examples of using Velociraptor to monitor adversaries during an incident response? Catch it here:
How to upskill?
Building your own lab is an excellent way to gain hands-on experience and grow your knowledge. It can be done for free and it's easy to construct labs to emulate and analyze various attacks.
Check out our free tutorials here: https://lnkd.in/djce4_qX
The first new publicly released episode of 2023 is now available. Check out this important video covering a new evidence of execution artifact introduced in Windows 11 22H2. https://www.youtube.com/watch?v=rV8aErDj06A #DFIR #forensics
New blog on @aboutdfir by Fabian Mendoza on identifying the source system of PsExec using USN Journal.
This is truly cool and extremely helpful! Can't wait for more such research.
- The IR Training Plan Using Free Courses has been Updated
- DFIR & Cybersecurity Events are Back!
- Site Updates, Events, and My Myeloma Diagnosis
- DFIR Related Events for Beginners – December, 2021
- DFIR Related Events for Beginners – November, 2021
- The Free and Affordable Training Sites Have Merged!
- DFIR Related Events for Beginners – October 2021
- DFIR Related Events for Beginners – September 2021
- The Get Your Start in DFIR Scholarship Site Just Launched!
- DFIR Related Events for Beginners – August, 2021
Latest DFIR Jobs
- An error has occurred, which probably means the feed is down. Try again later.