TryHackMe | DFIR Essentials Training

Skip to main contentSkip to main content

Gain insights into DFIR practices involving ethical approaches, and learn how to analyse forensic artefacts.

In this module, we will be expanding our forensics knowledge by covering the core philosophy and ethical decisions that guide DFIR professionals, followed by a look into the considerations made when presenting forensic evidence in legal cases. You'll be diving into how to construct and analyse timelines using Log2Timeline and Timesketch, tools that are worth adding to your skills. Finally, you’ll learn about establishing baselines and developing the ability to distinguish normal from suspicious activities.

0%

IR Philosophy and Ethics

Addressing the Incident Response philosophy.

0%

Legal Considerations in DFIR

Understand the processes involved in DFIR and the legal considerations that guide them.

0%

IR Playbooks

Learn the basics of creating and using IR playbooks.

0%

IR Timeline Analysis

Learn about timeline analysis using various tools and scenarios.

0%

IR Difficulties and Challenges

Explore common DFIR obstacles and learn strategies for overcoming these challenges effectively.

0%

Baselines and Anomalies

Identify normal activity and hunt for anomalies.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.