Category Archives: Windows

Creating a Hidden Prefetch File to Bypass Normal Forensic Analysis

While doing more experiments running EXEs and malicious EXEs from ADS and Stealthy ADS to continue my previous work “Can We Say Farewell to Hiding Malicious EXEs in Stealth ADS”, and in order to create a forensic image and …

Posted in AntiX, Forensics, ThreatHunting, Windows

Can We Say Farewell to Hiding Malicious EXEs in Stealth ADS

One of my current students asked whether using Stealth Alternate Data Streams (ADS) could bypass AVs. Therefore, I wanted to prove that for the student by doing a simple experiment. What was done is the following: 1. Turned off Windows …

Posted in AntiX, Forensics, Malware, Metasploit, Windows

Forensic Analysis: Creating User GUI vs CLI

Hello. This is my first forensic analysis post in English; as I’m sure you have noticed by now, all of it is in Arabic, so excuse me for my bad English :) The whole idea came about when @azeemnow asked …

Posted in Forensics, Windows

SMB Scanning with Metasploit

When Metasploit was developed, the goal was to create an integrated environment for the attacker to carry out an attack on the target … Among those goals was building Modules specialised in particular sub-tasks that make it easier for you to reach the victim … Also, according to the latest Metasploit book, they say it is not …

Posted in Footprinting, Linux Services, Metasploit, PenTest, Windows

Domain Controller Appliance from TurnKey

Peace be upon you and God’s mercy and blessings. For a while now I have wanted to point to this nice distribution named Domain Controller Appliance, which the company or organisation TurnKey offers, along with other ready-made, preconfigured distributions … You can use this distribution as a replacement for Active …

Posted in GNU/Linux, Linux Services, Networks, Virtualization, Windows