-
-
Recent Posts
-
Categories
- Academia (21)
- Android (1)
- Anti-Forensics (2)
- AntiX (4)
- Apache/Tomcat (8)
- Arabnix (6)
- BackTrack (5)
- Books (17)
- C5W (1)
- Challenges (5)
- Companies (16)
- Conferences (1)
- Cyber 5W (2)
- Database (23)
- Development (31)
- DFIR (14)
- Exploitation (8)
- File Systems (1)
- Firewalls (20)
- Footprinting (14)
- Forensics (22)
- Fun (28)
- GNU/Linux (101)
- HDFS (1)
- IDS/IPS (4)
- Investigations (13)
- Kernel (24)
- Life (161)
- Linux Security (68)
- Linux Services (37)
- Malware (9)
- Memory (1)
- Metasploit (6)
- Mobile (3)
- Networks (44)
- News (75)
- OSINT (6)
- Patch Management (5)
- PCI Compliance (8)
- PenTest (52)
- Poems (9)
- PortKnocking (10)
- Privacy (4)
- Publications (12)
- Real Madrid (17)
- Research (6)
- Security (84)
- Snippets (33)
- Social Engineering (4)
- Software/Tools (53)
- Sport (78)
- ThreatHunting (4)
- Unix (12)
- Virtualization (27)
- Vulnerability (7)
- Web Security (12)
- Webapp (4)
- WHM/Cpanel (6)
- Windows (19)
- Workshops (2)
- z0ne (16)
Archives
Category Archives: Investigations
Speaking at NCCC 2024
Next week, I will be speaking at the National Cyber Crime Conference 2024 for the second year in a row. This year Dr. Mariam Khader and myself will be running 4 different investigation workshops, mostly focusing on malware analysis with … Continue reading
Posted in Conferences, Cyber 5W, DFIR, Forensics, Investigations, Malware, Research, Workshops
Tagged C5W, Cyber 5W, DFIR, Investigating Linux Systems, Linux, Malware, Malware Analysis, NCCC
Leave a comment
Malware Tools, Tips and Tricks
In the past, I used to maintain a Google Doc with all the tools I use or recommend for my students to use for Malware Analysis. A couple of days ago, while doing a Malware Analysis workshop for NW3C, I … Continue reading
Posted in Academia, AntiX, DFIR, Investigations, Malware, Research, Software/Tools
Tagged Malware Analysis, Tips, Tools, Tricks
Leave a comment
Windows Sandbox Scripts
Windows Sandbox is an amazing Windows feature that could be used for Malware Analysis. In order to install it you’ll need to follow this blog post here by Microsoft.
Posted in DFIR, Investigations, Malware, Research, Security, Software/Tools, ThreatHunting, Virtualization, Windows
Tagged Malware Analysis, Reverse Engineering, Windows Sandbox
Leave a comment
GOADv2 in a VM
Hello, I finally was able to play with the GOAD v2 project and configure it to run within a single VM using nested Virtualization. From the developer of the project “GOAD is a pentest active directory LAB project. The purpose … Continue reading
Posted in Exploitation, Investigations, PenTest, Research, Virtualization, Vulnerability, Windows
Tagged Active Directory, Attack, GOAD, RedTeam, Vulnerabilities
Comments Off on GOADv2 in a VM
Memory Forensics – RansomCare Investigation Case 1
In this case you are required analyze a memory dump of a Windows 10 system that has been hit with RansomCare. E01 for the Memory Dump could be found: here Find RansomCare’s code, dump it. and explain what happened to … Continue reading
Posted in Anti-Forensics, Challenges, Cyber 5W, DFIR, Forensics, Investigations, Malware
Tagged anti-forensics, Case Study, Challenge, DFIR, Investigation, Malware, memory forensics, RansomCare, Ransomware
Comments Off on Memory Forensics – RansomCare Investigation Case 1
