# Security Knowledge Base

Red team, blue team, forensics, and cyber threat intelligence.

---

## Red Team

| Course | Path |
|--------|------|
| CRTO I | `Red-Team/CRTO-I/` |
| CRTO II | `Red-Team/CRTO-II/` |

## Blue Team

| Topic | Path |
|-------|------|
| Detection Engineering | `Blue-Team/Detection-Engineering/` |
| Incident Handling | `Blue-Team/Incident-Handling/` |
| Forensics | `Blue-Team/Forensics/` |
| CTI (Cyber Threat Intel) | `Blue-Team/CTI/` |
| Azure Sentinel | `Blue-Team/Azure-Sentinel/` |
| TryHackMe Data | `Blue-Team/THM-Data/` |

## Learning Path

1. **Blue Team first** — `Detection-Engineering/` → `Incident-Handling/`
2. **Forensics** — `Forensics/` for Windows artifacts
3. **CTI** — `CTI/` for threat intel and MITRE ATT&CK
4. **Red Team** — `CRTO-I/` → `CRTO-II/` (needs blue team foundation)

---

*Index file — update as you add content*