AI Forensics (TryHackMe)
Introduction The world of Digital Forensics is full of pieces needing to be connected, often under a time constraint. This can be a challenging task, but one that many forensics analysts have accompli

Articles tagged with #dfir
Investigation is a TryHackMe challenge inspired by a real cargo theft incident, set in a fictional ECTA (European Cargo Threat Assessment) framework. The scenario involves a missing refrigerated truck

It’s the graveyard shift, and you’re the lone analyst in the SOC when an urgent call comes in: a user’s machine dropped a suspicious binary named windows-update.exe. At first glance, it masquerades as a routine updater, but alerts from the EDR and od...

In this article, I will write a write-up for DFIR: An Introduction that covers the need for DFIR, Basic concepts of DFIR, DFIR Tools like KAPE, Autopsy and Redline, and the Incident Response Process. The need for DFIR What is DFIR? As already mention...

In this article, we’ll cover Kubernetes DFIR - It's because I'm kubed, isn't it? write-up as the Day 22 challenge of the Advent of Cyber event challenge. It involved learning about Kubernetes in relation to Digital Forensics and Incident Response (DF...
