DFIR Training Blog



A goldmine of DFIR nuggets!

The dfir.training website is coming along, inch by inch.  I am grateful for the emails (more tools, more directories, more training, more, more, more...).  I am going through each as soon as I can to publish on the website, so be patient if I haven't put up your listing yet.

I have more items to put on the website after I finish up some of the major sections, with the Forensic Artifacts being one of the major sections to work on.  The Forensic Artifact section is light on items, but a few are added every day.  The ones that are added are linked to related artifacts (using "keywords").   The intention is that you can review one artifact and easily review a related artifact by clicking any of the related keywords.   Each artifact listing has:

Description (ie: a definition of the artifact)

Tool listing (the full forensic suites are not listed; only the smaller focused tools are listed)

White papers (that directly relates to the artifact)

Video (that directly relates to the artifact)

References (links to good reference material)

Books  (if one has been published of that specific artifact)

Training  (if courses focus on that specific artifact)

Keywords (links to related artifacts that may be helpful in your artifact analysis)

The one thing that the Forensic Artifact database is  not , is a "how-to-do-forensics" on the artifacts.  There is way too much information in the above sections to cover everything you need.  No need to repeat what has already been done.  A database such as this has not been successfully done anywhere else.  There are others, but they are different; designed differently, with different ways of conveying the information.  I think the dfir.training Forensic Artifact database does it best.  

And do me a favor; vote dfir.training as the Digital Forensic Resource of the Year.  I will be grateful for the time you spend to vote :)

And keep sending me information to add. That's why the website is there; to collect the nuggets of DFIR gold.

Written by :Brett Shavers

{rscomments option="com_rsblog" id="7"}