DFIR Madness

  • Guidance
    • Tips for Muggles
    • Sage Advice
  • Getting Into Infosec
    • The Five Pillars (Start Here)
    • General Computing
    • Computer Networking
    • Scripting and Programming
    • Linux / MacOS
    • Windows
  • Labs
    • The Hunt
  • About
  • Shop

Sage Advice

Case 001 Super Timeline Analysis

Triage Disk Analysis Case 001

Case 001 – The Timing of it All

Incident Response Thumb Drive

Attribution and Threat Hunting, the Missing Steps After an Incident

Attribution and Threat Hunting

Investigating Shellcode Alerts without PCAPs

Investigating Shellcode Alerts

P2FUST – Adding Context to Declare Bad

© 2025 DFIR Madness
Site designed and developed (using the Egesto theme) by Patrick Higingbotham (@HiggyWaka).