Sign up to save your podcasts
Or
Share Episode 17 - Building a CTF
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 17 - Building a CTF
Send us a text
So You Want to Build Your Own DFIR CTF?Ever wanted to build your own Digital Forensics and Incident Response (DFIR) Capture the Flag (CTF) challenge but weren’t sure where to start? In this episode of Traffic Light Protocol, we share the how-to of CTF builders, making it easy for anyone—no pentesting skills required!
Today's episode includes:
- Choosing Your CTF Theme – Using MITRE ATT&CK and APT tracking to craft a realistic attack scenario.
- Setting Up the Lab – Spinning up a Windows VM, configuring Sysmon, and enabling forensic logging.
- Running the Attack Simulations – Using Atomic Red Team to generate forensic artifacts.
- Testing & Troubleshooting – Making sure your tests actually work before unleashing them on your team.
- Building an Engaging Story – Crafting a compelling incident narrative that challenges analysts to think like investigators.
Resources mentioned in the podcast:
https://drive.google.com/drive/folders/1vF3y-OlsowjX9LUOi7ywDy8VgcfhWcUX?usp=sharing
View all episodes
By Clint MarsdenSend us a text
So You Want to Build Your Own DFIR CTF?Ever wanted to build your own Digital Forensics and Incident Response (DFIR) Capture the Flag (CTF) challenge but weren’t sure where to start? In this episode of Traffic Light Protocol, we share the how-to of CTF builders, making it easy for anyone—no pentesting skills required!
Today's episode includes:
- Choosing Your CTF Theme – Using MITRE ATT&CK and APT tracking to craft a realistic attack scenario.
- Setting Up the Lab – Spinning up a Windows VM, configuring Sysmon, and enabling forensic logging.
- Running the Attack Simulations – Using Atomic Red Team to generate forensic artifacts.
- Testing & Troubleshooting – Making sure your tests actually work before unleashing them on your team.
- Building an Engaging Story – Crafting a compelling incident narrative that challenges analysts to think like investigators.
Resources mentioned in the podcast:
https://drive.google.com/drive/folders/1vF3y-OlsowjX9LUOi7ywDy8VgcfhWcUX?usp=sharing