I entered the DFIR field in May of 2019 and created this site to document the resources I use as I learn and grow in DFIR. I’m hoping it will help others who are interested in the field or who are also just getting started. Under DFIR Resources, you will find books, training, webinars, videos, and other resources that I have found to be helpful. There are also over 400 training courses listed in the Free and Affordable Training sections. This is a personal blog and all views are my own.
Did you miss @dfirjos's excellent blog piece on practical examples of using Velociraptor to monitor adversaries during an incident response? Catch it here:
How to upskill?
Building your own lab is an excellent way to gain hands-on experience and grow your knowledge. It can be done for free and it's easy to construct labs to emulate and analyze various attacks.
Check out our free tutorials here: https://lnkd.in/djce4_qX
The first new publicly released episode of 2023 is now available. Check out this important video covering a new evidence of execution artifact introduced in Windows 11 22H2. https://www.youtube.com/watch?v=rV8aErDj06A #DFIR #forensics
New blog on @aboutdfir by Fabian Mendoza on identifying the source system of PsExec using USN Journal.
This is truly cool and extremely helpful! Can't wait for more such research.
- The IR Training Plan Using Free Courses has been Updated
- DFIR & Cybersecurity Events are Back!
- Site Updates, Events, and My Myeloma Diagnosis
- DFIR Related Events for Beginners – December, 2021
- DFIR Related Events for Beginners – November, 2021
- The Free and Affordable Training Sites Have Merged!
- DFIR Related Events for Beginners – October 2021
- DFIR Related Events for Beginners – September 2021
- The Get Your Start in DFIR Scholarship Site Just Launched!
- DFIR Related Events for Beginners – August, 2021
Latest DFIR Jobs
- An error has occurred, which probably means the feed is down. Try again later.