Category Archives: Windows

Windows Sandbox Scripts

Windows Sandbox is an amazing Windows feature that could be used for Malware Analysis. In order to install it you’ll need to follow this blog post here by Microsoft.

Posted in DFIR, Investigations, Malware, Research, Security, Software/Tools, ThreatHunting, Virtualization, Windows

GOADv2 in a VM

Hello, I finally was able to play with the GOAD v2 project and configure it to run within a single VM using nested Virtualization. From the developer of the project “GOAD is a pentest active directory LAB project. The purpose …

Posted in Exploitation, Investigations, PenTest, Research, Virtualization, Vulnerability, Windows

Challenge #9 – Encrypt Them All Case

In this case you are required to decrypt all the data and files that have been encrypted using different crypto methods. E01 for the drive could be found: here #1: Lost in Space: We noticed that the whole communication started …

Posted in Anti-Forensics, Challenges, DFIR, Forensics, Investigations, Windows

Challenge #8 – NTFS File System Case

In this case you are required to find all the data and files that have been hidden using some of the NTFS file system capabilities. – E01 for the drive could be found: here – There are 5 hidden things …

Posted in Challenges, DFIR, File Systems, Forensics, Investigations, Windows

Prevent Windows Reboots on Expired VMs

Sometimes you have one of those VMs that you downloaded from Microsoft and then used for some testing. Now, after a certain amount of time, the free license given will expire, and what will happen is the VM …

Posted in Security, Virtualization, Windows