Learning path: linux, bash, cli-productivity, security
Linux Forensics Path
Move from basic shell inspection to incident-grade evidence gathering across logs, permissions, processes, sockets, and suspicious activity.
Path reward
Linux Forensics Analyst
SRE learners, backend engineers, and security-minded operators who want practical Linux incident confidence.
Evidence handler
Collect read-only facts without damaging the scene. Required clears: 2.
Timeline builder
Correlate logs, processes, sockets, and request IDs. Required clears: 5.
Forensics operator
Explain blast radius and next safe action. Required clears: 8.
Mission chain
Step 1
Warm up with journal failure triage
Easy Linux arena: journalctl filtering, time windows, units, and severity levels
Step 2
Stabilize permission drift audit
Medium Linux arena: Unix permissions, ownership, and safe read-only inspection
Step 3
Stabilize awk latency report
Medium Bash arena: awk grouping, numeric aggregation, and stable reports
Step 4
Harden runaway process forensics
Hard Linux arena: process inspection with ps, pgrep, lsof, and deterministic filtering
Step 5
Harden journal failure triage
Hard Linux arena: journalctl filtering, time windows, units, and severity levels
Step 6
Harden jq API triage
Hard CLI Productivity arena: JSON selection, grouping, sorting, and defensive null handling
Step 7
Harden secret redaction in logs
Hard Security Basics arena: credential detection, structured logging, redaction boundaries, and safe observability
Step 8
Rescue socket ownership map
Extreme Linux arena: ss, lsof, ports, listeners, and service ownership