Analysis Notes

A place where I note things from trying my hand at malware analysis and anything I thought might be useful for analysis. This site uses Google Analytics.

4n6 Week 3 – 2023 - FORENSIC ANALYSIS

This entry was automatically generated and posted to show the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that I can zap through them and pick the articles to check. This week's 4n6 can be found here.

FORENSIC ANALYSIS

AbdulRhman Alfaifi at U0041

TLDR; $SDS is an artifact for NTFS file systems. This artifact contains security descriptors for all files and folders on the drive, which means it will contain information on the file owner and permissions of the file. I also wrote a Rust 🦀 parser for this artifact that you can download from my Github. Hello there! It has been a while since I wrote a blog, but I have been busy with other projects 🙂 NTFS has a file called $Secure that contains security descriptors for all files on the system. $Secu...

Catie Walsh

My first post! As I recently completed the SysInternals Case by Ali Hadi, I thought this would be a great opportunity to post a write-up for the challenge. Case Summary: The user downloaded what they thought was the SysInternals tool suite, double-clicked it, but the tools did not open and were not accessible. Since that time, the user has noticed that the system has "slowed down" and become less and less responsive. The goal: determine what happened and when. Tools: Arsenal Image Mounter, AccessData FT...

Dany at Digitella

Hi everyone! Here are a few commands used in enumeration of firewalls and Windows Defender. The Get-NetFirewallProfile cmdlet is useful in determining what type of firewalls are configured in the network. It also shows other important configurations listed in the screenshot. If you are looking for threats detected by Windows Defender, PowerShell offers a cmdlet to find that information. It gives important information such as filename, whether the file executed, the category ID, name of the threat, and severit...

Digital Forensics Myanmar

January 13, 2023. View Or Download BitLocker Decryption Methods. Popular posts from this blog: eCDFP (Data Representation & File Examination) (Part-5), November 19, 2021. Exe Analysis: EXE files, like any other file type, can be analyzed and extracted. Opening text, document and Word files is not the same as executing them. If you treat an EXE file like a TEXT file and ...

Dr. Tristan Jenkinson at ‘The eDiscovery Channel’

The Importance of Data that Doesn't Exist – Part One (Timelines). Tristan Jenkinson. Digital Forensics, eDiscovery, Short Read. January 9, 2023 / January 8, 2023. 3 Minutes. By Dr Tristan Jenkinson. Introduction: Happy New Year and welcome to 2023 on the eDiscovery Channel! Towards the end of last year, I saw a short post from Steve Nouri discussing survivorship bias. The principle is something that you may have seen discussed before (it regularly gets shared on sites such as LinkedIn). Nouri's post share...

Oleg Afonin at Elcomsoft

January 10th, 2023 by Oleg Afonin. Category: «General». The updated iOS Forensic Toolkit 8.11 brings keychain decryption support to devices running iOS/iPadOS versions up to and including 15.5 by using the extraction agent. The tool supports recent models that can run iOS 15, which includes devices based on the Apple A12 through A15 Bionic, as well as Apple Silicon based devices built on the M1 SoC. What's it all about? The ultimate goal of a forensic expert is extracting as much data from the...

Forensafe

13/01/2023 Friday. Malwarebytes is a cross-platform anti-malware software that takes a spot in the top 10 anti-malware software around the world, with its ability to detect various types of advanced malware using advanced algorithms and a cloud-based system which uses AI to collect information about the detected malware from users around the world, making the software familiar with and effective against a wide range of malware. Digital Forensics Value of Windows MalwareBytes: As a result of the high performa...

InfoSec Write-ups

Digital forensics is the process of uncovering and interpreting electronic evidence. It is a complex process that requires specialized tools, a comprehensive knowledge of computer hardware and software, and a methodical approach. Attack side. Counter-defense techniques. Counter-defense techniques are methods used by attackers to prevent digital forensics experts from uncovering evidence. By using these techniques, attackers can make sure they do not leave any traces of their activity in the system. Co...

Published in InfoSec Write-ups. Karthikeyan Nagaraj, Jan 10, 3 min read. Illumination — HackTheBox Forensics Writeup with Flag | 2023. HackTheBox's Illumination Forensics Writeup — Easy | Karthikeyan Nagaraj. Description: A Junior Developer just switched to a new source control platform. Can you find the secret token? Task Files: Download the Task Files Here. Analysis: 1. Let's list all the contents of the Task File. We found 2 Files and 1 .git Directory. 2. Let's Vie...

Matt Suiche at Magnet Forensics

This memory analysis post is authored by Matt Suiche (Director, Memory, IR & R&D). Memory Analysis is Essential for Incident Response Memory analysis is an essential component of incident response and network forensics. It involves leveraging various tools to capture and analyze memory dumps to uncover malicious activity, malicious code, and other forensically relevant evidence. Memory analysis allows you to investigate beyond what traditional EDR solutions can provide, which is especially impor...

William Suryajaya at MII Cyber Security

What is Cado Security? The Cado platform automates data capture and processing so security teams can easily understand threats without wasting time, money, or effort. Forensic-level detail without forensic-level effort. Cado Security empowers security teams with a robust platform that helps them get to the bottom of what happened. With Cado, what used to take analysts days now takes minutes. Automate data collection. Process data at cloud speed. Analyze with purpose. No confusion, no complexity. H...

Oxygen Forensics

Berla iVe backups: Collecting data from Car Devices. Posted on January 11, 2023. Cars are an essential part of our everyday lives. As technology has advanced, so have the functionalities of cars. In the U.S. alone, 91.6% of households own at least one vehicle, and more are being made with the ability to connect to your phone, text, map a route, and even play games like today's smartphones. Table of Contents: What is Berla iVe? Collect data with Berla iVe backups in Oxygen Forensi...

The DFIR Report