-
Recent Posts
Categories
- Academia (20)
- Android (1)
- Anti-Forensics (2)
- AntiX (3)
- Apache/Tomcat (8)
- Arabnix (6)
- BackTrack (5)
- Books (17)
- Challenges (5)
- Companies (16)
- Cyber 5W (1)
- Database (23)
- Development (31)
- DFIR (10)
- Exploitation (8)
- File Systems (1)
- Firewalls (20)
- Footprinting (14)
- Forensics (21)
- Fun (28)
- GNU/Linux (101)
- HDFS (1)
- IDS/IPS (4)
- Investigations (10)
- Kernel (24)
- Life (160)
- Linux Security (68)
- Linux Services (37)
- Malware (5)
- Memory (1)
- Metasploit (6)
- Mobile (3)
- Networks (44)
- News (75)
- OSINT (6)
- Patch Management (5)
- PCI Compliance (8)
- PenTest (52)
- Poems (9)
- PortKnocking (10)
- Privacy (4)
- Publications (12)
- Real Madrid (17)
- Research (3)
- Security (83)
- Snippets (33)
- Social Engineering (4)
- Software/Tools (51)
- Sport (78)
- ThreatHunting (3)
- Unix (12)
- Virtualization (26)
- Vulnerability (7)
- Web Security (12)
- Webapp (4)
- WHM/Cpanel (6)
- Windows (18)
- Workshops (1)
- z0ne (16)
Archives
Category Archives: Investigations
GOADv2 in a VM
Hello, I finally was able to play with the GOAD v2 project and configure it to run within a single VM using nested Virtualization. From the developer of the project “GOAD is a pentest active directory LAB project. The purpose … Continue reading
Posted in Exploitation, Investigations, PenTest, Research, Virtualization, Vulnerability, Windows
Tagged Active Directory, Attack, GOAD, RedTeam, Vulnerabilities
Leave a comment
Memory Forensics – RansomCare Investigation Case 1
In this case you are required analyze a memory dump of a Windows 10 system that has been hit with RansomCare. E01 for the Memory Dump could be found: here Find RansomCare’s code, dump it. and explain what happened to … Continue reading
Posted in Anti-Forensics, Challenges, Cyber 5W, DFIR, Forensics, Investigations, Malware
Tagged anti-forensics, Case Study, Challenge, DFIR, Investigation, Malware, memory forensics, RansomCare, Ransomware
Comments Off on Memory Forensics – RansomCare Investigation Case 1
Challenge #9 – Encrypt Them All Case
In this case you are required to decrypt all the data and files that have been encrypted using different crypto methods. E01 for the drive could be found: here #1: Lost in Space: We noticed that the whole communication started … Continue reading
Posted in Anti-Forensics, Challenges, DFIR, Forensics, Investigations, Windows
Tagged aes, anti-forensics, bit-locker, challenges, DFIR, gnupg, Investigations
Comments Off on Challenge #9 – Encrypt Them All Case
Challenge #8 – NTFS File System Case
In this case you are required to find all the data and files that have been hidden using some of the NTFS file system capabilities. – E01 for the drive could be found: here – There are 5 hidden things … Continue reading
Posted in Challenges, DFIR, File Systems, Forensics, Investigations, Windows
Tagged ant-forensics, challenges, DFIR, file systems, hidden, Investigations, ntfs, Windows Forensics
Comments Off on Challenge #8 – NTFS File System Case
Challenge #7 – SysInternals Case
The user downloaded what they thought was the SysInternals tool suite, double-clicked it, but the tools did not open and were not accessible. Since that time, the user has noticed that the system has “slowed down” and become less and … Continue reading
Posted in Challenges, DFIR, Forensics, Investigations, Malware
Tagged challenges, DFIR, Forensics, investigaitons, Malware, SysInternals, Windows Forensics
Comments Off on Challenge #7 – SysInternals Case