DFIR, Cyber Cyber and other security foo

The goal of DFIR is to reduce dwell time, detect the TTPs of adversaries and, finally, STOP adversaries from achieving their goals.

This page is my personal site, where I try to document my learnings and findings.

Get started

IR Introduction / Process

A short introduction to and overview of incident response.

Windows Event Logs

Windows Event Log cheat sheets and testing.

Tools Wiki

Documentation of various DFIR and pentesting tools.

AD Test Lab Setup

A simple guide on how to set up an Active Directory testing environment.