GitHub: Camskuu/dfir-cybersecurity-labs
# dfir-cybersecurity-labs
Digital Forensics and Incident Response Lab Series
- Analyzed packet captures using Wireshark, NetworkMiner, and Snort to identify hosts, protocols, traffic spikes, credential exposure, and IDS alerts.
- Investigated compromised Windows systems by reviewing suspicious processes, active network connections, listening ports, browser artifacts, and backdoor indicators.
- Used Volatility to examine a Windows memory image, identify malicious processes, analyze DLLs, review command-line artifacts, and reconstruct attacker activity.
- Reconstructed an SMB-based attack timeline involving reconnaissance, exploit behavior, executable transfer, logging gaps, and remediation recommendations.