Security and DFIR Resources
Security Fundamentals
Building a basic understanding of how computers work, as well as learning common security terminology and concepts, is crucial for diving deeper into security. I've found these resources helpful for building a strong foundation.
Professor Messer's Security+ Videos explain a wide variety of fundamental cybersecurity concepts. These videos are geared toward the CompTIA Security+ Certification.
Hack The Box provides CTF-style machines for all levels to hack into.
TryHackMe allows users to practice skills in a CTF-style room.
DFIR Courses and Labs
Once you have a basic understanding of cybersecurity, I recommend looking into a subfield that you find interesting. I personally am interested in DFIR, and these courses and labs are helpful for getting hands-on experience.
Digital Forensics Lab teaches users the fundamentals of digital forensics through labs and case studies.
Hexordia teaches multiple courses on digital forensics, with a focus on mobile forensics.
13Cubed teaches a broad range of digital forensics courses, from Windows forensics to malware analysis.
Cyber5W teaches multiple courses on digital forensics fundamentals, with labs included.
Malware Unicorn provides reverse-engineering workshops.
DFIR Diva includes free resources, training recommendations, and blogs about DFIR.
DFIR Training keeps track of upcoming trainings in DFIR.
Journals and Blogs
Since technology evolves rapidly, keeping up with the latest research in security is a necessity.
IEEE Security & Privacy is a top security journal for researchers in all domains of security.
Forensic Science International: Digital Investigation includes research relating to crime and security, with a focus on digital evidence and multimedia.
Podcasts
Podcasts are useful for integrating cybersecurity into your daily routine.
Cyberwire Daily provides daily cybersecurity news and analysis geared at professionals.
CyberWork invites industry leaders to discuss cybersecurity careers and skills needed to join the field.
Digital Forensics Now discusses the latest news in digital forensics from a law enforcement perspective.
Free Tools
These DFIR tools are free to use and commonly used in the field.
Eric Zimmerman's Tools include multiple tools useful for a variety of tasks relevant to digital forensics.
LEAPP Projects include parsers for many types of artifacts and logs.
Autopsy is an end-to-end digital forensics platform.
FTK Imager is a popular Windows image acquisition tool.
Volatility is a memory forensics framework for incident response and malware analysis.
Wireshark is a popular network protocol analyzer.
Other Resources
These are other resources that I personally find helpful.
Security Certification Roadmap contains common certifications for different points of your career in different security subfields.
Digital Forensics Images includes many device images that you can download and practice on.
This Week in 4n6 compiles the most relevant digital forensics and cyber threat intelligence articles and sends them to your inbox.
SANS has compiled a list of free tools used in nearly every area of cybersecurity. You can also find an extensive list of cybersecurity resources (tools and learning material) on Hack-with-Github's Awesome Hacking repository.