Digital Forensic Scientist

3 minute read

Welcome everyone to the November DFIR Dev competition!

Competition updates will be posted here. Also follow us for announcements.

Last updated: 2021-11-03

This month we have prizes sponsored by DFIRScience, Cyber5W and Stark4N6.

The goal of the competition is to contribute code to ALEAPP, iLEAPP, or WLEAPP. The most useful, innovative, and practical submissions will win cash and other prizes. Three judges will independently score each submission, and the scores will be averaged and ranked. Read below for submission instructions.

Note: This is an independent competition hosted by DFIRScience and is not associated with Alexis (Brigs). Please do not contact him about the competition. Instead, email DFIRScience with any questions.

Dates

  • November 1st: Competition opens!
  • November 28th (23:59UTC-4): Submissions close
  • December 2nd: Winners announced

Prizes!

  • First place gets $100USD, DFIRScience/Stark4N6 stickers, Cyber5W course coupons, and an online badge
  • Second place gets $60USD, DFIRScience/Stark4N6 stickers, Cyber5W course coupons, and an online badge
  • Third place gets $40USD, DFIRScience/Stark4N6 stickers, Cyber5W course coupons, and an online badge
  • Fourth place gets DFIRScience stickers, Cyber5W course coupons, and an online badge
  • Fifth place gets Cyber5W course coupons and an online badge

Submissions

Code entries will be submitted via Github pull request. You must make the pull request to the DFIRScience repositories here: ALEAPP, iLEAPP, WLEAPP. Submissions to the abrignoni repository will not be accepted as competition submissions. All submitted code will be merged with abrignoni repositories after the competition.

Instructions on how to clone the DFIRScience repository, make code changes, and submit a pull request will be released soon.

Evaluations will be made on a per-repository basis. All code changes on a repository from one author will be considered a submission. Each person can submit to each repository.

For example, you will submit two separate pull requests if you write a module for both ALEAPP and WLEAPP. They will be evaluated as two separate entries.

Alternatively, if you write two new modules for ALEAPP they will be grouped as one pull request and evaluated as one single submission.

Testing

To allow the judges to test your modules, you must provide test data. This data should show a minimum working example. Note that your code may be executed on Linux, Mac, or Windows.

Deliverables

  1. Your name or handel, social media, student or professional info as a comment in the pull request.
  2. A code contribution to ALEAPP, iLEAPP, or WLEAPP submitted as a pull request to the DFIRScience GitHub repository.
  3. data and instructions for a minimum working example included as a link in the pull request.
  4. Documentation (blog post, text file, video) about the design and usage of your submission included as a link in the pull request.

Q&A

  • Who can participate in the competition?
    • Anyone except judges and ?LEAPP core developers (that wouldn’t be fair!)
  • Do you have to be in the U.S. to participate?
    • No. Anyone from any country can participate.
  • What will you do with the code after the competition?
    • We will submit changes to the original developers for inclusion in the mainline tools.
  • How can we receive cash prizes?
    • We will arrange the best payment methods with the winners.

How to get started

Sponsors

Cyber 5W is a team of digital forensics specialists who have collaborated and designed an online training academy where students can select practical, interactive, skill-based digital forensic courses that are accessible and affordable. We are also available for consulting, speaking engagements, and on-site training. Our mission is to share our knowledge and expertise, teaching the skills, tools and best-practices needed to investigate cyber crime, bring criminals to justice, and make the world a safer place.

DFIRScience develops free digital forensics and incident respoonse tutorials on YouTube.

Stark4N6 provides a collection of useful digital forensics resources, especially the forensics Start.Me page.

You may also enjoy

iLEAPP and RLEAPP updates and dev thoughts

4 minutes to read

Alex (@kviddy) has been pushing some extremely useful updates to the open-source Android forensic tool - [ALEAPP](https://github.com/abrignoni/ALEAPP]. Speci...

What data can you find in RAM?

4 minutes to read

To determine if you need to collect Random Access Memory on-scene, it is useful to know what kinda of investigation-relevant data is often available in RAM.

Modular artifact scripts coming to iLEAPP

4 minutes to read

kviddy has been pushing some great core updates to ALEAPP. Specifically, artifact scripts are now self-contained. This means that script authors no longer ne...