This category tests your existing knowledge.
For training with hands-on labs, visit any of the categories on the main page and filter by “Hands-On Component”. Scheduled CTFs and challenges are listed in the monthly events blog post.
| Name & Direct Link | Platform | For Beginners | DFIR Related Challenge Type(s) |
|---|---|---|---|
| Blue Team Labs Online (Free Challenges) | Blue Team Labs Online | Memory Analysis, Network Analysis, Digital Forensics, Malware Analysis, Reverse Engineering | |
| CyberDefenders | CyberDefenders | Splunk, SIEM, Malware Traffic Analysis, PCAP, OSINT, Reverse Engineering, Digital Forensics, ELK, Log Analysis | |
| SocVel | SocVel | Digital Forensics & Incident Response Challenges | |
| LetsDefend - Free Version | LetsDefend | This is a SOC Simulation Environment - Monitoring, Log Search, Case Management, Endpoint Security | |
| The Case of the Stolen Szechuan Sauce | DFIR Madness | Digital Forensics, PCAP Analysis | |
| Champlain College DFIR CTF | CTFd - Champlain College | Windows Forensics, macOS Forensics, Wireshark, OSINT, Reverse Engineering | |
| Forensic Challenges on Info-Sec Box The password is: kjiIYFGsx76IOHK | Info-Sec Box | Forensic challenges | |
| Malware Analysis Exercises | GitHub - jstrosch | Malware Analysis | |
| Malware-Traffic-Analysis.Net | Malware-Traffic-Analysis.net | PCAP Analysis | |
| Flaws2 Defender Track | Flaws2.cloud | AWS Incident Response Challenges | |
| PwnDefend | PwnDefend | Yes | OSINT, Reverse Engineering, Forensics & Analysis |
| Mossé Cyber Security Institute | Mossé Cyber Security Institute | OSINT, Digital Forensics, YARA, Malware Analysis | |
| HackTale | HackTale | Yes | A DFIR/Cyber Defense Training Game with Scenario-Based Challenges. |
| Immersive Labs Community | Immersive Labs | Malware Analysis, Digital Forensics, Threat Hunting | |
| picoGym | picoCTF | Forensics, Reverse Engineering, PCAP Analysis | |
| CTFLearn | CTFLearn | Yes - Has Easy, Medium, and Hard Challenges | Forensics, Programming, Reverse Engineering, Binary, Cryptography |
| Challenges.re | Challenges.re | Reverse Engineering Challenges | |
| MemLabs | GitHub - stuxnet999 | Yes - Challenges range from easy to hard. | Memory Forensics |
| Mini Memory CTF The Memory Sample is linked in the video. | YouTube - 13Cubed | Memory Forensics | |
| CTF.Live | PentesterAcademy | Yes - Has Beginner, Intermediate, and Advanced Challenges | Network Forensics, Reverse Engineering |
| TryHackMe | TryHackMe | Yes - Has Easy, Medium and Hard Challenges | Free rooms include RE, Volatility, OSINT, Malware Analysis, Splunk, Linux, Ghidra, & Radare2 |
| OSINT Challenge | The Cyber Institute | OSINT Challenges | |
| OSINT Dojo | OSINT Dojo/Twitter | OSINT Challenges. Follow them on Twitter @OSINTDojo and earn Digital Badges for solving challenges. | |
| OSINT CTFs by BushidoToken | BushidoToken | OSINT | |
| Cyber Detective | CyberSoc | OSINT | |
| Cyber Investigator | CyberSoc | OSINT | |
| Quiztime on Twitter Here is an article on how it works. | Twitter - @quiztime | OSINT | |
| GeoGuessr | GeoGuessr | OSINT (Use your OSINT skills to figure where you are) | |
| Challenges, CTFs and Walkthroughs | AboutDFIR | Various DFIR Challenges | |
| RangeForce Persistence Challenge (July 21st-August 8th) | RangeForce | Identify and Respond to Malicious IPs, Compromised Accounts, and Advanced Persistence. |
