Create tooling-guide.md

Author: ngvuthdanhh

extras/tooling-guide.md

@@ -0,0 +1,26 @@
+# DFIR Tooling Guide
+
+A practical guide to tools commonly used in DFIR investigations.
+
+## Categories
+
+### 🖥️ Endpoint Tools
+- Autopsy/The Sleuth Kit  
+- Velociraptor  
+- KAPE  
+- FTK Imager  
+
+### 🌐 Network Tools
+- Wireshark  
+- Zeek  
+- Suricata  
+
+### 🔍 Malware Tools
+- Ghidra  
+- CyberChef  
+- Cuckoo Sandbox  
+
+## Best Practices
+- Validate tools before use  
+- Maintain hash integrity  
+- Document every action