In early 2020 Cynet launched a pretty fun DFIR-related CTF. It consisted of 25 challenges with varying levels of difficulty. They posted the solutions to each challenge here.

The challenges encompass the minimum knowledge required of any new SOC/IR analyst. So if that’s your goal, and you want to learn a bit about each of the artifacts showcased by the challenges, check out the IR-challenge tag. Each post under that tag will show one way to solve a challenge, as well as give some resources for free tools or further reading. The whole CTF was solved using only these free tools: Eric Zimmerman’s tools, David Pany’s OBJECT.DATA parser, and ANSSI’s bmc-tools.