Digital-Forensics-Discord-Server / TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts

The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportunity to write a chapter of a book to get their name out there, get a publication on their resume with an actual ISBN number, and ideally lower the bar for people to contribute something back to the DFIR Community. Want to write a chapter? Let me know and let's make it happen!
MIT License

Order of Chapters #6

Closed AndrewRathbun closed 2 years ago

AndrewRathbun commented 2 years ago

We'll use this issue to discuss the order of the chapters once enough chapters have commitments from authors.

AndrewRathbun commented 2 years ago

Order of Chapters Project board created so we can drag the chapters in order.

mdawsonuk commented 2 years ago

Depending on the topics chosen/people who want to contribute, perhaps we could divide it into sub-categories like Computer DFIR/Mobile DFIR?

AndrewRathbun commented 2 years ago

> Depending on the topics chosen/people who want to contribute, perhaps we could divide it into sub-categories like Computer DFIR/Mobile DFIR?

I was already thinking that since we have 2 chapters covering mobile thus far! My chapter won't be technical so it'd just be part of a "General" section, I guess. TBD exact name

ApexPredator-InfoSec commented 2 years ago

I think sub-categories could help with the flow so it's not jumping around too much. Could also look at beginner topics section and more advanced topics section to help target sections to people's experience level.

B1N2H3X commented 2 years ago

Definitely happy to help with the ordering. Agreed on the fact that there could be sections

Here are some groupings I see already: Beginnings

dwmetz commented 2 years ago

Introduction

I. DFIR History

II. Just the (arti)Facts Ma'am

III. I want to Believe (a 3rd article may tie the LE and Trust but verify...)

IV. Your DFIR Career

AndrewRathbun commented 2 years ago

https://github.com/Digital-Forensics-Discord-Server/CrowdsourcedDFIRBook/projects/1

I reworked the Kanban board and split up the sections so we can view things more horizontally than vertically in a single column.

EDIT: Also, to be clear, I like the sections presented above, so the column names can be changed anytime. This was more about changing the format of the project board than anything. I'm not dismissing the above proposed idea.

AndrewRathbun commented 2 years ago

@dwmetz did you wanna author the history of DFIR Analysis chapter? Or was that just a suggestion of a topic?

dwmetz commented 2 years ago

@AndrewRathbun, that was @B1N2H3X I believe

AndrewRathbun commented 2 years ago

> @AndrewRathbun, that was @B1N2H3X I believe

Hah, you're right, I didn't scroll up high enough and it's been a few weeks since I was last in this issue :) Thanks for pointing that out! My bad!

AndrewRathbun commented 2 years ago

By my count, we have 6 chapters (including Chapter 0 - Introduction) ready for v1.0. 4 more and we're going to publish once they are edited and approved by all stakeholders.

https://github.com/Digital-Forensics-Discord-Server/TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts/labels/v1.0

EDIT: 7, I added Kevin Pagano's chapter to the list for v1.0.

AndrewRathbun commented 2 years ago

I'm going to revisit this later this week/this weekend to see where we're at with completed/almost completed chapters.

AndrewRathbun commented 2 years ago

As of the writing of this post, here are the chapters that are going to be in v1:

Chapter 0 - Introduction
Chapter 1 - History of the Digital Forensics Discord Server
Chapter 3 - The Basics of Malware Analysis
Chapter 4 - Password Cracking for Beginners
Chapter 5 - Large Scale Android Application Analysis
Chapter 8 - Deobfuscating PowerShell Scripts/Payloads
Chapter 9 - Gamification of DFIR - Playing CTFs
Chapter 16 - Artifacts as Evidence
Chapter 17 - Imaging

Which will pretty much be converted to the following:

Chapter 0 - Introduction
Chapter 1 - History of the Digital Forensics Discord Server
Chapter 2 - The Basics of Malware Analysis
Chapter 3 - Password Cracking for Beginners
Chapter 4 - Large Scale Android Application Analysis
Chapter 5 - Deobfuscating PowerShell Scripts/Payloads
Chapter 6 - Gamification of DFIR - Playing CTFs
Chapter 7 - Artifacts as Evidence
Chapter 8 - Imaging

9 chapters so far with one or two likely to be added on to this. We don't really have enough at this point to justify section dividers (yet). As more are added, I feel like we can justify adding section dividers, but right now, it's looking like a very large General section and one chapter in a Mobile Forensics section. It seems a bit silly to me to have dividers like that. Maybe in the end we end up scrapping the section dividers entirely but we'll see how it plays out.

Thoughts?