-
-
Recent Posts
-
Categories
- Academia (20)
- Android (1)
- Anti-Forensics (2)
- AntiX (3)
- Apache/Tomcat (8)
- Arabnix (6)
- BackTrack (5)
- Books (17)
- Challenges (5)
- Companies (16)
- Cyber 5W (1)
- Database (23)
- Development (31)
- DFIR (10)
- Exploitation (7)
- File Systems (1)
- Firewalls (20)
- Footprinting (14)
- Forensics (21)
- Fun (28)
- GNU/Linux (101)
- HDFS (1)
- IDS/IPS (4)
- Investigations (9)
- Kernel (24)
- Life (160)
- Linux Security (68)
- Linux Services (37)
- Malware (5)
- Memory (1)
- Metasploit (6)
- Mobile (3)
- Networks (44)
- News (75)
- OSINT (6)
- Patch Management (5)
- PCI Compliance (8)
- PenTest (51)
- Poems (9)
- PortKnocking (10)
- Privacy (4)
- Publications (12)
- Real Madrid (17)
- Research (2)
- Security (83)
- Snippets (33)
- Social Engineering (4)
- Software/Tools (51)
- Sport (78)
- ThreatHunting (3)
- Unix (12)
- Virtualization (25)
- Vulnerability (6)
- Web Security (12)
- Webapp (4)
- WHM/Cpanel (6)
- Windows (17)
- Workshops (1)
- z0ne (16)
Archives
Author Archives: [email protected]
Windows Kernel Debugging Using Two VMs on Linux
Just thought of writing this here, because I keep forgetting how to do this stuff! Also, since OST2 has lots of new courses related to Windbg, I thought this would be helpful for folks who use a Linux Workstation and … Continue reading
Posted in Exploitation, Kernel, Virtualization, Windows
Tagged bcdedit, debug, kdnet, serial, WinDbg
Comments Off on Windows Kernel Debugging Using Two VMs on Linux
من مُذكرات مُهاجر
منذ أكثر من عشرة سنوات وأنا أحاول السفر الى الخارج من خلال الهجرة. والدي ووالدتي يرفضون سفري وغير موافقين على ذلك… كُنت مُلحاً في كل مرة بأن يسمحوا لي بالهجرة، ولكن طلبي كان دائماً يلاقي الرفض… والدي كان أقل تشدداً … Continue reading
Posted in Life
Comments Off on من مُذكرات مُهاجر
Linux Forensics Workshop
Hello, I’ve been invited by the Saudi Federation for Cyber Security and Programming (SAFCSP) to do a Linux Forensics workshop during their series of Cybersecurity Nights. My session will be next Thursday, May 14th, 2020 at 10:00 PM (KSA time) … Continue reading
Posted in Forensics, Investigations, Workshops
Tagged Forensics, Investigations, Linux, SAFCSP, Workshop
Comments Off on Linux Forensics Workshop
Investigating USB Drives using Mount Points Not Drive Letters
Yes, another excellent question came up by one of my students: If a user mounts the volume to a mount point, what artifacts could we find for the USB? Starting I think from Windows 8.1 or 10, a user could … Continue reading
Posted in DFIR, Forensics, Investigations, Windows
Tagged DFIR, Forensics, Investigations, registry, Registry Explorer, RegRipper, USB, Windows, Windows and tagged Computer Forensics
Comments Off on Investigating USB Drives using Mount Points Not Drive Letters
No Drive Letter, No USB Evidence? Think Again!
This post is about a question asked: If the user removes the drive letter to hide the presence of a mounted USB drive, could we still locate that drive in the Windows Registry? Short answer is, YES it will still … Continue reading
Posted in DFIR, Forensics, Investigations, Windows
Tagged Computer Forensics, DFIR, registry, Registry Explorer, RegRipper, USB, Windows
Comments Off on No Drive Letter, No USB Evidence? Think Again!
