DFIR HOMECASESFORENSICS SKILLSCREDENTIALSBADGESCONTACTSECURE ADMIN
DIGITAL FORENSICS AND INCIDENT RESPONSE

GRISH PRADHAN

DFIR ANALYST IN TRAINING

Cybersecurity student focused on incident response, digital forensics, memory analysis, disk artifacts, network evidence, log review, threat hunting, and evidence handling. I build investigation-focused projects and document findings like a junior DFIR analyst preparing for real SOC and incident response work.

15+
DFIR LABS
8+
CERTIFICATIONS
CDSA
STUDIES IN PROGRESS
01

DFIR CASE WORK

Memory Forensics Investigation visual

Memory

Memory Forensics Investigation

Volatility-based investigation of a compromised Windows memory image to identify suspicious processes, command history, network connections, injected code indicators, and evidence suitable for an incident timeline.

VOLATILITYMEMORYWINDOWSTIMELINE
Network Forensics PCAP Analysis visual

Network

Network Forensics PCAP Analysis

Wireshark-led packet investigation focused on suspicious sessions, DNS activity, TLS metadata, protocol anomalies, IOC extraction, and clear evidence notes for escalation.

WIRESHARKPCAPIOCNETWORK
Windows Event Log Investigation visual

Incident Response

Windows Event Log Investigation

Event log triage workflow for authentication activity, PowerShell execution, service creation, scheduled tasks, persistence hints, and high-confidence incident response findings.

EVENT LOGSPOWERSHELLIRSIEM
Digital Evidence Handling Report visual

Evidence

Digital Evidence Handling Report

Forensic reporting workflow covering acquisition notes, chain of custody, hashing, artifact documentation, examiner observations, and defensible findings.

EVIDENCEHASHINGREPORTINGCHAIN OF CUSTODY
Advanced TLS Sniffer visual

Network

Advanced TLS Sniffer

TLS traffic analysis tool for extracting SNI, certificates, cipher suites, JA3-style fingerprints, and encrypted traffic clues useful during threat hunting and network forensics.

PYTHONTLSSCAPYFORENSICS
IOC Extractor and Triage Notes visual

Threat Hunting

IOC Extractor and Triage Notes

Investigation helper for extracting IPs, domains, hashes, URLs, and suspicious strings from reports and logs, then organizing them for enrichment and containment decisions.

IOCTHREAT HUNTINGLOGSPYTHON
Disk Artifact Explorer visual

Disk

Disk Artifact Explorer

Disk forensics practice focused on file system artifacts, browser traces, deleted-file clues, user activity, timestamps, and examiner notes for a final investigation report.

AUTOPSYFTK IMAGERDISKARTIFACTS
Incident Timeline Generator visual

Incident Response

Incident Timeline Generator

Timeline-first workflow that combines log entries, file timestamps, packet evidence, and analyst notes to reconstruct attack activity from detection through containment.

TIMELINEIRLOG ANALYSISEVIDENCE
02

FORENSIC CAPABILITIES

IR

Response

Incident Response

86%
MEM

Forensics

Memory Forensics

82%
NET

Forensics

Network Forensics

84%
DSK

Forensics

Disk Forensics

78%
LOG

Logs

Windows Event Log Analysis

83%
HUNT

Detection

Threat Hunting

80%
EVD

Evidence

Evidence Handling

79%
CDSA

Certification

CDSA Study Path

72%
03

CERTIFICATIONS AND DFIR STUDIES

TRYHACKME

Jr Penetration Tester

Hands-on vulnerability scanning, exploitation, privilege escalation, and professional reporting knowledge that supports incident reconstruction and attacker-behavior analysis.

TRYHACKME

Web Fundamentals

HTTP, DNS, web application architecture, and modern web behavior useful for web incident triage, log review, and network investigation.

TRYHACKME

Cyber Security 101

Core security concepts, threat awareness, defensive controls, and practitioner fundamentals for SOC and DFIR learning.

TRYHACKME

Advent of Cyber 2025

Completed 24 cybersecurity challenges demonstrating consistent practice across investigation, analysis, and defensive security scenarios.

SECURITY BLUE TEAM

Intro to Penetration Testing

Foundational assessment methodology, scoping, and attacker perspective used to better understand intrusion paths during incident response.

RED TEAM LEADERS

CTIGA

Certified Threat Intelligence and Governance Analyst training focused on threat intelligence frameworks, governance, and structured analysis.

RED TEAM LEADERS

CRTOM

Certified Red Team Operations Management training that helps connect adversary simulation concepts to detection, response, and control validation.

APISEC UNIVERSITY

CASA

Certified API Security Analyst training covering API security testing, vulnerabilities, and best practices for web and API incident context.

APISEC UNIVERSITY

ACP

APISEC Certified Practitioner credential showing API security foundations, practitioner knowledge, and exam-based validation.

DFIR PORTFOLIO

Digital Forensics Investigation Reports

Reports covering evidence acquisition, artifact review, findings, screenshots, and clear examiner conclusions.

TRYHACKME

Top 1% Cybersecurity Learner

Hands-on labs supporting SOC, DFIR, Windows, Linux, networking, and investigation fundamentals.

CERTIFICATION STUDY

CDSA Candidate

Studying SOC alert triage, log analysis, SIEM workflows, incident response, and defensive investigation methods.

04

TOOLS AND BADGES

VOLATILITY badge
VOLATILITY
WIRESHARK badge
WIRESHARK
AUTOPSY badge
AUTOPSY
FTK IMAGER badge
FTK IMAGER
WINDOWS LOGS badge
WINDOWS LOGS
THREAT HUNTING badge
THREAT HUNTING
CDSA STUDIES badge
CDSA STUDIES
EVIDENCE CARE badge
EVIDENCE CARE
05

GET IN TOUCH