Forensic challenges

Even when I am doing some of it as part of my day job, I still enjoy participating in, and seeing the results of, the forensic/packet contests/challenges that can be found periodically being run by folks I respect.  Currently there are at least 2 challenges that look interesting.  The first is put together by the authors of the SANS 558 - Network Forensics course.  Info on that one can be found at  Their first two contests have been kind of fun (in the interest of full disclosure, I'll be posting my solution to #2 on my handlers page over the weekend; talking to Jonathon and Sherry last week at SANS Security East, I decided I want to make one more minor addition to my scripts).  The other is from the Honeynet Project and can be found at  Both run until 1 Feb, so if you've got some time, give them a look.

Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

Jan 19th 2010
