The Art of DFIR Training
Looking at how Hard disks work and how to extend their investigation
How to analyze Macro enabled Office Documents
Analysis of Gafgyt Backdoor
Analysis of some famous JS obfuscation techniques
How to hunt for anomalies in a Windows Memory Dump
Detailed analysis of CryptNet Ransomware
Detailed analysis of Matanbuchus loader
A reference for NTFS file system artifacts investigation