Create lab1-osint-basics.md

ngvuthdanhh · web-flow · commit 909f68e5722f · 2025-12-05T12:42:41.000+07:00
diff --git a/labs/lab1-osint-basics.md b/labs/lab1-osint-basics.md
@@ -0,0 +1,15 @@
+# Lab 1 – OSINT Basics for DFIR
+
+## Objective
+Learn how to collect publicly available information relevant to an incident.
+
+## Tasks
+1. Perform domain lookups (WHOIS, DNS, certificates).
+2. Identify related infrastructure (subdomains, IP allocations).
+3. Check reputation platforms (VirusTotal, AbuseIPDB).
+4. Collect indicators and document findings.
+
+## Expected Output
+- IOC list  
+- Screenshots of queries  
+- Summary of correlations  
