DFIR Madness
Guidance
Tips for Muggles
Sage Advice
Getting Into Infosec
The Five Pillars (Start Here)
General Computing
Computer Networking
Scripting and Programming
Linux / MacOS
Windows
Labs
The Hunt
About
Shop
Sage Advice
Case 001 Super Timeline Analysis
Triage Disk Analysis Case 001
Case 001 – The Timing of it All
Incident Response Thumb Drive
Attribution and Threat Hunting, the Missing Steps After an Incident
Investigating Shellcode Alerts without PCAPs
P2FUST – Adding Context to Declare Bad