top of page
Program is over

DFIR Tutorial

  • 7Steps
Get a certificate by completing the program.


Digital Forensics and Incident Response (DFIR) is a critical component of any cybersecurity strategy, and in this tutorial series, we will walk you through various DFIR techniques using Velociraptor. With my extensive background in cybersecurity and threat hunting, I am eager to share my insights to help you become a pro in DFIR using this powerful tool. So, let's embark on this journey together and enhance your skills to protect your organization. Chapter 1: Initial Detection and Threat Hunting Chapter 2: Function-Hooking DLLs Chapter 3: Thread and Process Notifications Chapter 4: Object Notifications Chapter 6: Minifilters Chapter 7: Network Filter Drivers Chapter 8: Event Tracing for Windows Chapter 9: Scanners Chapter 10: Anti-Malware Scan Interface Chapter 11: Early Launch Anti-Malware Drivers Chapter 12: Microsoft-Windows-Threat-Intelligence Chapter 13: A Detection-Aware Attack Chapter 14: Summary and TIPS & TRICKS. Chapter 15: MITRE ATT&CK (TTP)

You can also join this program via the mobile app.





Already a participant? Log in

bottom of page