burakemir
Hal PomeranzI may regret this. You may regret this.
I've just put out a Linux forensics scenario for you all to play around with. There's a contest. You r submissions are due by 2026-04-15 23:59 UTC.
On Friday I announced a DFIR challenge around a recently drafted Linux forensics scenario. This garnered a lot of interest and even a couple of submissions over the weekend.
After chatting with one potential entrant, I realized to my horror that I had uploaded an incorrect version of the scenario data. I replaced the incorrect version Sunday evening and updated the original blog post. But if you grabbed the scenario data before the change, you don't have everything I intended you to have.
The revised version contains a full memory dump from the system. And note that while the general outline of the scenario remains unchanged, the revised version will have different timestamps for some of the activity.
So grab the revised version and have at it! Thanks for your patience and I hope you enjoy working on it!