-
Recent Posts
Categories
- Academia (21)
- Android (1)
- Anti-Forensics (2)
- AntiX (4)
- Apache/Tomcat (8)
- Arabnix (6)
- BackTrack (5)
- Books (17)
- C5W (1)
- Challenges (5)
- Companies (16)
- Conferences (1)
- Cyber 5W (2)
- Database (23)
- Development (31)
- DFIR (14)
- Exploitation (8)
- File Systems (1)
- Firewalls (20)
- Footprinting (14)
- Forensics (22)
- Fun (28)
- GNU/Linux (101)
- HDFS (1)
- IDS/IPS (4)
- Investigations (13)
- Kernel (24)
- Life (161)
- Linux Security (68)
- Linux Services (37)
- Malware (9)
- Memory (1)
- Metasploit (6)
- Mobile (3)
- Networks (44)
- News (75)
- OSINT (6)
- Patch Management (5)
- PCI Compliance (8)
- PenTest (52)
- Poems (9)
- PortKnocking (10)
- Privacy (4)
- Publications (12)
- Real Madrid (17)
- Research (6)
- Security (84)
- Snippets (33)
- Social Engineering (4)
- Software/Tools (53)
- Sport (78)
- ThreatHunting (4)
- Unix (12)
- Virtualization (27)
- Vulnerability (7)
- Web Security (12)
- Webapp (4)
- WHM/Cpanel (6)
- Windows (19)
- Workshops (2)
- z0ne (16)
Archives
Tag Archives: Forensics
Challenge #7 – SysInternals Case
The user downloaded what they thought was the SysInternals tool suite, double-clicked it, but the tools did not open and were not accessible. Since that time, the user has noticed that the system has “slowed down” and become less and … Continue reading
Posted in Challenges, DFIR, Forensics, Investigations, Malware
Tagged challenges, DFIR, Forensics, investigaitons, Malware, SysInternals, Windows Forensics
Comments Off on Challenge #7 – SysInternals Case
Linux Forensics Workshop
Hello, I’ve been invited by the Saudi Federation for Cyber Security and Programming (SAFCSP) to do a Linux Forensics workshop during their series of Cybersecurity Nights. My session will be next Thursday, May 14th, 2020 at 10:00 PM (KSA time) … Continue reading
Posted in Forensics, Investigations, Workshops
Tagged Forensics, Investigations, Linux, SAFCSP, Workshop
Comments Off on Linux Forensics Workshop
Investigating USB Drives using Mount Points Not Drive Letters
Yes, another excellent question came up by one of my students: If a user mounts the volume to a mount point, what artifacts could we find for the USB? Starting I think from Windows 8.1 or 10, a user could … Continue reading
Posted in DFIR, Forensics, Investigations, Windows
Tagged DFIR, Forensics, Investigations, registry, Registry Explorer, RegRipper, USB, Windows, Windows and tagged Computer Forensics
Comments Off on Investigating USB Drives using Mount Points Not Drive Letters
Acquiring Linux Memory using AVML and Using it with Volatility
This is another quick post going over the process to acquire memory from a Linux system, but instead of using LiME, I’m going to use AVML which stands for Acquire Volatile Memory for Linux, and could be found here. The … Continue reading
Posted in DFIR, Forensics, Memory, Software/Tools
Tagged Acquiring, avml, Forensics, LiME, Linux, memory forensics, Profile, Volatility
Comments Off on Acquiring Linux Memory using AVML and Using it with Volatility
Forensic Analysis: Creating User GUI vs CLI
Hello, This is my first forensic analysis post in English; as I’m sure you noticed by now that all of it is in Arabic; so excuse me for my bad English :) The whole idea came out when @azeemnow asked … Continue reading