Episode 17 - Building a CTF
Description
So You Want to Build Your Own DFIR CTF?
Ever wanted to build your own Digital Forensics and Incident Response (DFIR) Capture the Flag (CTF) challenge but weren’t sure where to start? In this episode of Traffic Light Protocol, we share the how-to of CTF builders, making it easy for anyone—no pentesting skills required!
Today's episode includes:
- Choosing Your CTF Theme – Using MITRE ATT&CK and APT tracking to craft a realistic attack scenario.
- Setting Up the Lab – Spinning up a Windows VM, configuring Sysmon, and enabling forensic logging.
- Running the Attack Simulations – Using Atomic Red Team to generate forensic artifacts.
- Testing & Troubleshooting – Making sure your tests actually work before unleashing them on your team.
- Building an Engaging Story – Crafting a compelling incident narrative that challenges analysts to think like investigators.
Resources mentioned in the podcast:
https://drive.google.com/drive/folders/1vF3y-OlsowjX9LUOi7ywDy8VgcfhWcUX?usp=sharing
Join the AI Cyber Security Skool Group
Inside the group, you’ll learn how to defend against prompt injections, lock down API keys, and stop your automations from turning into costly incidents. It’s a space for cyber pros, engineers, and AI builders to share playbooks, tools, and real-world lessons on keeping AI secure.
https://www.skool.com/ai-automation-security-5754/about?ref=3e3ebf81027c4bceb6f7cbfdbabe22ea
United States
