DFIR and Blue Team CTFs & Challenges

Free DFIR & Blue Team CTFs and Challenges

This category tests your existing knowledge.

For training with hands-on labs, visit any of the categories on the main page and filter by “Hands-On Component”.

Name & Direct LinkPlatformFor BeginnersDFIR Related Challenge Type(s)
Blue Team Labs Online (Free Challenges)Blue Team Labs OnlineMemory Analysis, Network Analysis, Digital Forensics, Malware Analysis, Reverse Engineering
The Case of the Stolen Szechuan SauceDFIR MadnessDigital Forensics, PCAP Analysis
CyberDefendersCyberDefendersSplunk, SIEM, Malware Traffic Analysis, PCAP, Reverse Engineering, Digital Forensics, ELK, Log Analysis
Champlain College DFIR CTFCTFd - Champlain CollegeWindows Forensics, macOS Forensics, Wireshark, OSINT, Reverse Engineering
SocVelSocVelDigital Forensics & Incident Response Challenges
Malware Analysis ExercisesGitHub - jstroschMalware Analysis
LetsDefend - Free VersionLetsDefendThis is a SOC Simulation Environment - Monitoring, Log Search, Case Management, Endpoint Security
OSINT ChallengeThe Cyber InstituteOSINT Challenges
OSINT DojoOSINT Dojo/TwitterOSINT Challenges. Follow them on Twitter @OSINTDojo and earn Digital Badges for solving challenges.
OSINT CTFs by BushidoTokenBushidoTokenOSINT
HackTaleHackTaleYesA DFIR/Cyber Defense Training Game with Scenario-Based Challenges.
MemLabsGitHub - stuxnet999Yes - Challenges range from easy to hard.Memory Forensics
Malware-Traffic-Analysis.NetMalware-Traffic-Analysis.net PCAP Analysis
Flaws2 Defender TrackFlaws2.cloudAWS Incident Response Challenges
PwnDefendPwnDefendYesOSINT, Reverse Engineering, Forensics & Analysis
Immersive Labs CommunityImmersive LabsMalware Analysis, Digital Forensics, Threat Hunting
Challenges.reChallenges.reReverse Engineering Challenges
TryHackMeTryHackMeYes - Has Easy, Medium and Hard ChallengesFree rooms include RE, Volatility, OSINT, Malware Analysis, Splunk, Linux, Ghidra, & Radare2
Challenges, CTFs and WalkthroughsAboutDFIRVarious DFIR Challenges
picoGympicoCTFForensics, Reverse Engineering, PCAP Analysis
CTFLearnCTFLearnYes - Has Easy, Medium, and Hard ChallengesForensics, Programming, Reverse Engineering, Binary, Cryptography
CTF.LivePentesterAcademyYes - Has Beginner, Intermediate, and Advanced ChallengesNetwork Forensics, Reverse Engineering
Threat Interceptors Challenge (June 14th, 2021)AccedianThreat hunting, understand how an attacker breached the network, trace their activity, mitigate the attack.