DFIR challenges

Free DFIR challenges

Colonel Ma

It’s Monday morning and you are just finishing your second cup of coffee. Your mind wanders back to your fun weekend of hiking in the Rocky Mountains with your friends. Suddenly, you are jolted back to the present as your phone rings on your desk.

“Hello, DFIR consulting, how may I help you?” you respond. The voice on the other end sounds a bit agitated. “Yeah, this is John from Arm Chair QB inc, we have an employee who apparently was downloading pirated movies and now his machine is acting weird. We can’t figure out what’s wrong with it, can you help?”

The Harv

It’s Friday at 5pm and you are packing up your desk for the weekend when suddenly your phone rings. “Hello, DFIR consulting,” you reply.

The voice on the other end sounds panicked. They inform you that one of their machines appears to be compromised and that it held critical data for their company. They are very concerned about the data being stolen as they are set to IPO in just 2 weeks.

They insist that you look at their system ASAP and have already gone to the trouble of taking a memory dump and collecting a listing of open ports and running processes. Their IT administrator has also provided you with a forensic E01 image of the system.