Skills
.Work. You
Rest

ctf-forensics

Community

Turn forensics data into actionable CTF insights.

Data & Analytics#ctf#forensics#memory-dump#disk-image#usn-journal#windows-forensics#linux-forensics
Authorljagiello
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This skill helps defenders and challengers quickly locate and correlate forensic artifacts across disk images, memory dumps, event logs, and network captures for CTF challenges and real investigations.

Core Features & Use Cases

  • Comprehensive artifact discovery across Windows and Linux traces (registry data, SAM, USN journal, event logs, PCAPs, browser/history data).
  • Timeline reconstruction and cross-reference of artifacts to build coherent narratives for incident response or challenge solving.
  • Quick-reference resources and techniques linked to supporting Markdown files to load context during activation.

Quick Start

Analyze the provided disk image, memory dump, or network capture to locate initial forensic artifacts and build a cohesive timeline.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: ctf-forensics
Download link: https://github.com/ljagiello/ctf-skills/archive/main.zip#ctf-forensics

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.