FatimaZ-tech/DFIR-Portfolio

# DFIR Portfolio Welcome to my Digital Forensics & Incident Response (DFIR) portfolio. This repository contains my practical forensic investigation case reports, primarily based on platforms like TryHackMe and real-world style scenarios. Each case includes: - Case Overview - Investigation Methodology - Evidence & Log Analysis - Timeline Reconstruction - Conclusions - Security Recommendations - Supporting Screenshots & Artifacts ## Cases ### Case 01 – TryHackMe: Disgruntled **Status:** Completed **Focus:** Insider Threat • Privilege Abuse • Obfuscation attempt **Location:** `Cases/Case-01-THM-Disgruntled` ### Case 02 – TryHackMe: Unattended **Status:** Completed **Focus:** Physical Access • Data Exfiltration • Targeted Search Activity **Location:** `Cases/Case-02-THM-Unattended` ### Case 02 – TryHackMe: Secret Recipe **Status:** Completed **Focus:** Unauthorized Access • Sensitive Data Discovery **Location:** `Cases/Case-03-THM-Secret_Recipe` (More cases coming soon) ## Goal To build strong DFIR investigation skills through information gathering, structured analysis, evidence handling, and professional reporting standards. ## Analyst Fatima Z.