diff --git a/puzzles/forensics/forensic100/index.html b/puzzles/forensics/forensic100/index.html
new file mode 100644
index 0000000..1c7433c
--- /dev/null
+++ b/puzzles/forensics/forensic100/index.html
@@ -0,0 +1,13 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 100</TITLE>
+</HEAD>
+<BODY>The FBI has asked for your team's assistance in conducting a forensic analysis of a seized hacker's drive.
+The FBI tells you that the suspect is a known terrorist and may be using encryption on his disk.
+They have put their best agent on the job, but he has been unsuccessful in mounting and analyzing the drive on
+their forensic tool. Where do you tell Special Agent Dumas to begin looking to determine what type of filesystem
+is being used and whether disk encryption may be employed?
+<p>
+Enter the key in all lower case letters
+</BODY>
+</HTML>
diff --git a/puzzles/forensics/forensic100/key b/puzzles/forensics/forensic100/key
new file mode 100644
index 0000000..8481b71
--- /dev/null
+++ b/puzzles/forensics/forensic100/key
@@ -0,0 +1 @@
+master boot record
diff --git a/puzzles/forensics/forensic150/index.html b/puzzles/forensics/forensic150/index.html
new file mode 100644
index 0000000..9653228
--- /dev/null
+++ b/puzzles/forensics/forensic150/index.html
@@ -0,0 +1,11 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 150</TITLE>
+</HEAD>
+<BODY>Special Agent Dumas has looked for the structure you told him but can't find it.  He thinks the
+subject has taken evasive measures to hide the data on his drive.  What signature should he look for to
+identify the structure?
+<p>
+Enter the key as a set of hex characters. (E.g. 0xde 0xad 0xbe 0xef)
+</BODY>
+</HTML>
diff --git a/puzzles/forensics/forensic150/key b/puzzles/forensics/forensic150/key
new file mode 100644
index 0000000..3693c14
--- /dev/null
+++ b/puzzles/forensics/forensic150/key
@@ -0,0 +1 @@
+0x55 0xaa
diff --git a/puzzles/forensics/forensic200/eff21d462a07b09b0cb34f9255baa768 b/puzzles/forensics/forensic200/eff21d462a07b09b0cb34f9255baa768
new file mode 100644
index 0000000..626b027
Binary files /dev/null and b/puzzles/forensics/forensic200/eff21d462a07b09b0cb34f9255baa768 differ
diff --git a/puzzles/forensics/forensic200/index.html b/puzzles/forensics/forensic200/index.html
new file mode 100644
index 0000000..ffdfb36
--- /dev/null
+++ b/puzzles/forensics/forensic200/index.html
@@ -0,0 +1,13 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 200</TITLE>
+</HEAD>
+<BODY>Special Agent Dumas is still stumped.  He has looked where you told him but is unable to decipher
+what filesystem is on the disk.  He has extracted the portion of the disk you pointed him to and has
+<BR>
+<P>
+<a href="eff21d462a07b09b0cb34f9255baa768">eff21d462a07b09b0cb34f9255baa768</a>
+<p>
+Provide the answer in all capital letters
+</BODY>
+</HTML>
diff --git a/puzzles/forensics/forensic200/key.txt b/puzzles/forensics/forensic200/key.txt
new file mode 100644
index 0000000..4412524
--- /dev/null
+++ b/puzzles/forensics/forensic200/key.txt
@@ -0,0 +1 @@
+NTFS
\ No newline at end of file
diff --git a/puzzles/forensics/forensic300/eff21d462a07b09b0cb34f9255baa768 b/puzzles/forensics/forensic300/eff21d462a07b09b0cb34f9255baa768
new file mode 100644
index 0000000..626b027
Binary files /dev/null and b/puzzles/forensics/forensic300/eff21d462a07b09b0cb34f9255baa768 differ
diff --git a/puzzles/forensics/forensic300/index.html b/puzzles/forensics/forensic300/index.html
new file mode 100644
index 0000000..c5dc9a2
--- /dev/null
+++ b/puzzles/forensics/forensic300/index.html
@@ -0,0 +1,11 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 300</TITLE>
+</HEAD>
+<BODY>
+Special Agent Dumas really appreciates your team's assistance.  If you can just tell him the cylinder:head:sector
+of the partition you identified for him, he thinks he can get started in analyzing this disk.
+<P>
+<a href="eff21d462a07b09b0cb34f9255baa768">eff21d462a07b09b0cb34f9255baa768</a>
+</BODY>
+</HTML>
diff --git a/puzzles/forensics/forensic300/key b/puzzles/forensics/forensic300/key
new file mode 100644
index 0000000..1737e34
--- /dev/null
+++ b/puzzles/forensics/forensic300/key
@@ -0,0 +1 @@
+0:32:33
\ No newline at end of file
diff --git a/puzzles/forensics/forensic350/eff21d462a07b09b0cb34f9255baa768 b/puzzles/forensics/forensic350/eff21d462a07b09b0cb34f9255baa768
new file mode 100644
index 0000000..626b027
Binary files /dev/null and b/puzzles/forensics/forensic350/eff21d462a07b09b0cb34f9255baa768 differ
diff --git a/puzzles/forensics/forensic350/index.html b/puzzles/forensics/forensic350/index.html
new file mode 100644
index 0000000..4e92457
--- /dev/null
+++ b/puzzles/forensics/forensic350/index.html
@@ -0,0 +1,12 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 350</TITLE>
+</HEAD>
+<BODY>
+Special Agent Dumas is really grateful you were able to provide him the Cylinder:Head:Sector of the partition
+but he just realized that his forensic tool requires a LBA instead of C:H:S.  Please give SA Dumas the
+information he needs.
+<P>
+<a href="eff21d462a07b09b0cb34f9255baa768">eff21d462a07b09b0cb34f9255baa768</a>
+</BODY>
+</HTML>
diff --git a/puzzles/forensics/forensic350/key b/puzzles/forensics/forensic350/key
new file mode 100644
index 0000000..f3e53ee
--- /dev/null
+++ b/puzzles/forensics/forensic350/key
@@ -0,0 +1 @@
+2048
\ No newline at end of file