AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Challenges & CTFs

A very special thank you to Abhiram Kumar for curating this list! Be sure to check out his educational CTF on GitHub, MemLabs.

TitleTypeScopeUpdatedCreator
Dragos Capture The Flag 2023CTFVarious2023Dragos
Huntress Capture The Flag 2023CTFVarious2023Huntress
Cellebrite CTF 2023CTFiOS, Android2023Cellebrite
Magnet Forensics CTFs 2018-2022Multiple CTFsWindows, Android, iOS, Chromebook, Linux, MacOS2022Magnet Forensics
Cellebrite 2022 Round UpCTF WalkthroughiOS, Android, and Windows2022Cellebrite
GrabThePhisherCTFPhishing2022CyberDefenders
PARTY GIRL—MISSINGCTFWindows2022Belkasoft
2020 Defenit CTF - Tangential CipherChallengeDisk2020Defenit
2020 Defenit CTF - USB2ChallengeWindows Registry, Amcache2020Defenit
DF Challenge 2020 - I can't remember my passwordChallengeDisk2020Korea Institute of Information Security & Cryptology
HackThisSiteChallengeVarious2020HackThisSite
HackTM CTF Quals 2020 - Find My PassChallengeMemory2020Legacy
HackTM CTF Quals 2020 - RRChallengeDisk2020Legacy
HackTM CTF Quals 2020 - Strange PCAPChallengeNetwork Traffic Analysis2020Legacy
HECF Blog - Sunday FundayChallengeVarious2020David Cowen
InCTF Internationals 2020 - InvestigationChallengeMemory2020Abhiram Kumar
InCTF Internationals 2020 - Investigation ContinuesChallengeMemory2020Abhiram Kumar
InCTF Internationals 2020 - LOGarithmChallengeMemory2020Abhiram Kumar
InCTF Internationals 2020 - Lookout FoxyChallengeDisk2020B Nihith
zer0pts CTF 2020 - Locked KitKatChallengeAndroid Pattern Lock Cracking2020Zer0pts
13Cubed Mini-Memory CTFCTFMemory2020Richard Davis
DEF CON CTF ArchiveCTFAll CTF categories2020Order of Overflow
DFA & CCSC Joint Spring 2020 CTFCTFWindows & iOS Forensics2020Champlain College Digital Forensics Association
Google Capture The Flag Contest ArchiveCTFAll CTF categories2020Google CTF Organisers
HackTheBoxCTFVarious2020Various
Magent Virtual Summit 2020 CTF - MemoryCTFVarious2020Jack Farley, Garrett Mahoney, Jordan Kimball and Jessica Hyde
Magnet Virtual Summit 2020 CTFCTFVarious2020Jack Farley, Garrett Mahoney, Jordan Kimball and Jessica Hyde
Magnet Virtual Summit 2020 CTF - AndroidCTFVarious2020Jack Farley, Garrett Mahoney, Jordan Kimball and Jessica Hyde
Magnet Virtual Summit 2020 CTF - Egg HuntCTFVarious2020Jack Farley, Garrett Mahoney, Jordan Kimball and Jessica Hyde
Magnet Virtual Summit 2020 CTF - iOSCTFVarious2020Jack Farley, Garrett Mahoney, Jordan Kimball and Jessica Hyde
MemLabsCTFMemory2020Abhiram Kumar
Root Me CTFCTFAll CTF categories2020Root-Me
Honeypot RepositoryTrainingHoneypots20200xsha
AceBear Security Contest 2019 - Incident ResponseChallengeMemory2019chung96vn
BSidesSF 2019 CTF - goodluks3ChallengeMemory, Disk2019BSidesSF
Chaos Communication Camp - Flag Converter (Part 1,2,3)ChallengeMemory2019ALLES!
CTFZone Quals 2019 - In the ShadowsChallengeNTFS2019BIZone
FireEye FLARE-On Challenge 2019ChallengeReverse Engineering2019FireEye
Foxton Forensics Cyber Challenge - November 2019ChallengeBrowser Forensics2019Foxton Forensics
Google Capture The Flag 2019 - Home ComputerChallengeNTFS2019Google CTF
hxp 36C3 CTF - tracerChallengeStrace Output Analysis2019hxp
Malware Traffic Analysis ExercisesChallengeNetwork Traffic Analysis2019Brad Duncan
MalwareTech Exploit ChallengesChallengeWindows Exploitation2019Marcus Hutchins
MalwareTech Reversing ChallengesChallengeReverse Engineering2019Marcus Hutchins
PICO CTF 2019 - c0rruptChallengeCorrupted File Recovery2019PICO CTF
Pwn2Win CTF 2019 - Cloud AdminChallengeMemory 2019Epic Leet Team
SANS HolidayHack 2018 LessonizedChallengeMiscellaneous2019John York
Securinets CTF Quals 2019 - Rare to WinChallengeMemory2019bibiwars
Champlain Digital Forensics Association Fall 2019 CTFCTFVarious2019Champlain College Digital Forensics Association
CSAW 2019 FinalsCTFAll CTF categories2019OSIRIS Lab, NYU Tandon
CSAW 2019 QualsCTFAll CTF categories2019OSIRIS Lab, NYU Tandon
Defcon DFIR CTF 2019CTFDigital Forensics2019https://twitter.com/champdfa||Champlain College Digital Forensics Association
SANS Holiday Hack 2019CTFVarious2019SANS
Computer Forensic Reference Data Sets (CFReDS) - MobileResearchMobile Forensics2019J Lyle
CSAW CTF Qualification Round 2018 - whyOSChallengeiOS App Log Analysis2018CSAW CTF Organizers
DFRWS 2018 ChallengeChallengeIoT Forensics2018Francesco Servida, Eoghan Casey
FireEye FLARE-On Challenge 2018ChallengeReverse Engineering2018FireEye
Hacking CaseChallengeWindows Forensics2018J Lyle
HackOver CTF 2018 - Unbreak My StartChallengeCorrupted File Recovery2018Cyclopropenylidene
Real World CTF 2018 Quals - ccls fringeChallengeCCLS Cache Analysis2018Chaitin Tech
SANS HolidayHack 2017 LessonizedChallengeMiscellaneous2018John York
Timisoara CTF 2018 Quals - NeurosurgeryChallengeMemory2018Timisoara CTF
CSAW 2018 FinalsCTFAll CTF categories2018OSIRIS Lab, NYU Tandon
CSAW 2018 QualsCTFAll CTF categories2018OSIRIS Lab, NYU Tandon
SANS Holiday Hack 2018CTFVarious2018SANS
Publicly Available PCAP filesResourceNetwork Traffic Analysis2018Netresec
DFRWS 2017 ChallengeChallengeIoT Forensics2017Joshua James & Eoghan Casey
FireEye FLARE-On Challenge 2017ChallengeReverse Engineering2017FireEye
CSAW 2017 FinalsCTFAll CTF categories2017OSIRIS Lab, NYU Tandon
CSAW 2017 QualsCTFAll CTF categories2017OSIRIS Lab, NYU Tandon
CTF ResourcesCTFCTF Miscellaneous2017Amanpreet Singh
SANS Holiday Hack 2017CTFVarious2017SANS
Deleted File Recovery ImagesResearchData Recovery2017J Lyle
DFRWS 2016 ChallengeChallengeSDN Forensics2016DFRWS
FireEye FLARE-On Challenge 2016ChallengeReverse Engineering2016FireEye
Practice NTDS.dit File OverviewChallengePassword Cracking2016Didier Stevens
SANS DFIR Challenge - Ann's AuroraChallengeNetwork Traffic Analysis2016Sherri Davidoff, Eric Fulton, and Jonathan Ham
CSAW 2016 FinalsCTFAll CTF categories2016OSIRIS Lab, NYU Tandon
CSAW 2016 QualsCTFAll CTF categories2016OSIRIS Lab, NYU Tandon
RingZer0 Team Online CTFCTFAll CTF categories2016Ringzer0 team
SANS Holiday Hack 2016CTFVarious2016SANS
DFRWS 2015 ChallengeChallenge2015Dr. Golden G. Richard III
DFRWS 2015 Rodeo ChallengeChallengeMalware2015Dr. Golden G. Richard III
FireEye FLARE-On Challenge 2015ChallengeReverse Engineering2015FireEye
Packet Analysis PracticeChallengeNetwork Traffic Analysis2015Jake Williams
Ransomware & EntropyChallengeMalware2015Didier Stevens
SANS DFIR Monterey 2015ChallengeNetwork Traffic Analysis2015SANS
Boston Key Party 2015CTFCrypto, Exploitation & Reversing2015BostonKeyParty
CSAW 2015 FinalsCTFAll CTF categories2015OSIRIS Lab, NYU Tandon
CSAW 2015 QualsCTFAll CTF categories2015OSIRIS Lab, NYU Tandon
SANS Holiday Hack 2015CTFVarious2015SANS
ForGe Forensic test image generatorResearchTest Image Generator2015Hannu Visti
Malware Dynamic AnalysisTrainingMalware Analysis2015Veronica Kovah
Practical Malware Analysis Chapter 1 Lab AttemptTutorialReverse Engineering2015Andy Marks
Practical Malware Analysis Chapter 3 Lab AttemptTutorialReverse Engineering2015Andy Marks
FireEye FLARE-On Challenge 2014ChallengeReverse Engineering2014FireEye
Spy Hunter Holiday Challenge 2014ChallengeNetwork Traffic Analysis2014Jordan
CSAW 2014 FinalsCTFAll CTF categories2014OSIRIS Lab, NYU Tandon
CSAW 2014 QualsCTFAll CTF categories2014OSIRIS Lab, NYU Tandon
SANS Holiday Hack 2014CTFVarious2014SANS
Digital Forensics Security Treasure HuntChallengePractice2013Department of Defense Cyber Crime Center (DC3)
Jack Crook Forensic Challenge 2ChallengeMemory & Network Traffic Analysis2013Jack Crook
SANS Memory Challenge 2013ChallengeMemory2013SANS
CSAW 2013 FinalsCTFAll CTF categories2013OSIRIS Lab, NYU Tandon
CSAW 2013 QualsCTFAll CTF categories2013OSIRIS Lab, NYU Tandon
SANS Holiday Hack 2013CTFVarious2013SANS
SANS Holiday Hack 2012CTFVarious2012SANS
Defeating LinCrackme3 with radare2TutorialReverse Engineering2012Julien Voisin
Malware Analysis Tutorials: A Reverse Engineering ApproachTutorialReverse Engineering2012Dr. Xiang Fu
Challenge #1 - Web Server CaseChallengeWindows Forensics2011Ali Hadi
Challenge #2 - User Policy Violation CaseChallengeWindows Forensics2011Ali Hadi
Challenge #3 - Mystery Hacked SystemChallengeWindows Forensics2011Ali Hadi
Challenge #4 - Launching Attacks from Alternate Data StreamsChallengeWindows Forensics2011Ali Hadi
LMG Network Forensics Puzzle ContestsChallengeNetwork Traffic Analysis2011LMG Security
SANS Holiday Hack 2011CTFVarious2011SANS
Dougee's Comparison Samples on Windows XPResearchMemory2011Unknown
Lance Mueller Forensic Practical Exercise #3ChallengeUSB2010Lance Mueller
Lance Mueller Forensic Practical Exercise #4ChallengeDisk2010Lance Mueller
CoreLAN TeamTutorialWin32 Shellcoding2010Corelan Team
Lance Mueller Forensic Practical Exercise #1ChallengeDisk and Network Traffic Analysis2008Lance Mueller
Lance Mueller Forensic Practical Exercise #2ChallengeDisk2008Lance Mueller
DFRWS 2007 ChallengeChallengeFile Forensics2007Brian Carrier, Eoghan Casey, Wietse Venema
Unicode String Searching - Russian TextChallengeRussian string search in Unicode2007J Lyle
DFRWS 2005 Rodeo ChallengeChallengeInsider Threat2005Dr. Golden G. Richard III
ISCFCE Sample Practical ExerciseChallengeInsider Threat2004The International Society of Forensic Computer Examiners
FRA ChallengesChallengeVariousFRA
Reverse Engineering ChallengesChallengeReverse EngineeringDennis Yurichev
Forensic Challenges by Aman HardikarChallenge resourceVariousAman Hardikar
HackingLabCTFVariousHacking Lab
CTF 101CTF ResourceAll CTF categoriesOSIRIS Lab, NYU Tandon
Basic Mac ImageResearchMac ForensicsJ Lyle
Data Leakage CaseResearchInsider ThreatJ Lyle
Moyix's Fuzzy Hidden Process Sample on Windows XP SP3ResearchMemory
ComputerSecurityStudentTutorialMemory
Deconstructing an ELF FileTutorialReverse EngineeringManohar Vanga

Walkthroughs

TitleWalkthrough
2020 Defenit CTF - USB2Abhiram Kumar
HackTM CTF Quals 2020 - Find My PassAbhiram Kumar
HackTM CTF Quals 2020 - RRAbhiram Kumar
InCTF Internationals 2020 - InvestigationAbhiram Kumar
InCTF Internationals 2020 - Investigation ContinuesAbhiram Kumar
InCTF Internationals 2020 - LOGarithmAbhiram Kumar
Timisoara CTF 2018 Quals - NeurosurgeryAikari
Spy Hunter Holiday Challenge 2014Alec R Waters
DFRWS 2015 ChallengeAntonio Villani & Davide Balzarotti
Jack Crook Forensic Challenge 2Ashish Bhangale
InCTF Internationals 2020 - Lookout FoxyB Nihith
DFRWS 2016 ChallengeBooz Allen
Google Capture The Flag 2019 - Home ComputerCerberus
SANS Holiday Hack 2015Counter Hack
SANS Holiday Hack 2016Counter Hack
SANS Holiday Hack 2017Counter Hack
SANS Holiday Hack 2018Counter Hack
PICO CTF 2019 - c0rruptDavid
Magnet Virtual Summit 2020 CTF - Egg HuntDFIR_300
Magnet Virtual Summit 2020 CTF - AndroidDFIR_301
Ransomware & EntropyDidier Stevens
Huntress Capture The Flag 2023Doug Metz
AceBear Security Contest 2019 - Incident ResponseDuc Phan
CSAW CTF Qualification Round 2018 - whyOSEmpireCTF
HackOver CTF 2018 - Unbreak My StartEmpireCTF
Real World CTF 2018 Quals - ccls fringeEmpireCTF
FireEye FLARE-On Challenge 2014FireEye
FireEye FLARE-On Challenge 2015FireEye
FireEye FLARE-On Challenge 2016FireEye
FireEye FLARE-On Challenge 2017FireEye
FireEye FLARE-On Challenge 2018FireEye
FireEye FLARE-On Challenge 2019FireEye
Cellebrite CTF 2023 - AbeForensafe
Cellebrite CTF 2023 - FelixForensafe
Cellebrite CTF 2023 - SharonForensafe
Magnet Virtual Summit 2020 CTFForensicator
DF Challenge 2020 - I can't remember my passwordForensicator4
Foxton Forensics Cyber Challenge - November 2019Foxton Forensics
Packet Analysis Practicehttps://twitter.com/MalwareJake||Jake Williams
2020 Defenit CTF - Tangential CipherIsopach
Hacking CaseJ Lyle
Unicode String Searching - Russian TextJ Lyle
HackTM CTF Quals 2020 - Strange PCAPJaswanth B & Nihith B
Challenge #1 - Web Server CaseJoseph Moronwi
Securinets CTF Quals 2019 - Rare to WinJullle3
Magnet Virtual Summit 2020 CTF - iOSKevin Pagano
Cellebrite CTF 2023 - AbeKevin Pagano
Cellebrite CTF 2023 - FelixKevin Pagano
Pwn2Win CTF 2019 - Cloud AdminKhaled Nassar
Lance Mueller Forensic Practical Exercise #1Lance Mueller
LMG Network Forensics Puzzle ContestsLMG Security
Chaos Communication Camp - Flag Converter (Part 1,2,3)myrdyr
Lets Defend - Ransomware AttackN00b_H@ck3r
SANS HolidayHack 2018 LessonizedNoobintheshell
CTFZone Quals 2019 - In the Shadowsoffzone
DEF CON CTF ArchiveOrder of Overflow
CSAW 2013 FinalsOSIRIS Labs
CSAW 2013 QualsOSIRIS Labs
CSAW 2014 FinalsOSIRIS Labs
CSAW 2014 QualsOSIRIS Labs
CSAW 2015 FinalsOSIRIS Labs
CSAW 2015 QualsOSIRIS Labs
CSAW 2016 FinalsOSIRIS Labs
CSAW 2016 QualsOSIRIS Labs
CSAW 2017 FinalsOSIRIS Labs
CSAW 2017 QualsOSIRIS Labs
CSAW 2018 FinalsOSIRIS Labs
CSAW 2018 QualsOSIRIS Labs
CSAW 2019 FinalsOSIRIS Labs
CSAW 2019 QualsOSIRIS Labs
13Cubed Mini-Memory CTFPeter Stewart
Defcon DFIR CTF 2019Peter Stewart
Magent Virtual Summit 2020 CTF - MemoryPeter Stewart
SANS DFIR Monterey 2015Phil Hagen
SANS Memory Challenge 2013Rob Lee
SANS HolidayHack 2017 LessonizedRonnie Flathers
SANS Holiday Hack 2011SANS
SANS Holiday Hack 2012SANS
SANS Holiday Hack 2013SANS
SANS Holiday Hack 2014SANS
hxp 36C3 CTF - tracerShreyansh Singh
DerbyCon 2016Spicy Weasel
DerbyCon 2017Spicy Weasel
DerbyCon 2018Spicy Weasel
DerbyCon 2019Spicy Weasel
BSidesSF 2019 CTF - goodluks3TeamRocketIST
zer0pts CTF 2020 - Locked KitKatThe Flat Network Society
Boston Key Party 2015Various
DFRWS 2007 ChallengeVarious
DFRWS 2017 ChallengeVarious
DFRWS 2018 ChallengeVarious
SANS DFIR Challenge - Ann's AuroraVarious
FRA ChallengesWalkthrough presented at SECCON
SANS Holiday Hack 2019Zach
GrabThePhisherCyberDefenders: GrabThePhisher - N00b_H@ck3r
Belkasoft July 2022BELKASOFT CTF JULY 2022: WRITE-UP
Velociraptor PlaygroundVelociraptor Playground 2022-08-02 - Mash That Key
UACTF 2022[CTF] UACTF 2022 - Forensics - nxb1t
Memory AnalysisLetsDefend: Memory Dumper - N00b_H@ck3r
Thunder CTF - Google Cloud PlatformThunder CTF Walkthrough: Part 1 - Saumya Kasthuri