Analysis Notes

A place to jot down malware analysis attempts and anything that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 21 – 2023 - FORENSIC ANALYSIS

This entry was generated and posted automatically: it shows the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. The 4n6 roundup itself can be found here.

FORENSIC ANALYSIS

ThinkDFIR

May 17, 2023 (updated May 21, 2023), Phill Moore. I’m teaching FOR500 Windows Forensic Analysis in Singapore this week and something that was recently added to the class relates to a new(ish) discovery into the operation of Jumplists on Windows 10. During an update to the class it was discovered that when a folder is copied, the AutomaticDestination Jumplist file associated with Windows Explorer will track the folder copy operation as an interaction. How cool! Unfortunately this only relates to fold...

Brian Maloney at Malware Maloney

Forensafe

Investigating Windows Remote Desktop Connection Events Log, 18/03/2023 Thursday. Remote Desktop Connection is a Windows built-in application. It is used to control remote systems by capturing their I/O devices’ signals and transmitting them to the controller device using the Remote Desktop Protocol (RDP). RDP is a secure network communications protocol developed by Microsoft. Digital Forensics Value of Remote Desktop Connection Events Log: All of th...

ForensicXlab

May 19, 2023, 4-minute read. Memory Forensics · DFIR · KeePass · Windows. Abstract: On May 1st, 2023, vdhoney raised concerns about an issue found on KeePass 2.X where he was able to reconstruct the master password. A POC was later released by the researcher in dotnet, and another in python3. Today we will describe the vulnerability and see how we can create a volatility3 plugin to help forensics investigators retrieve passwords. Vulnerability description...

Invictus Incident Response

Importing Windows Event Log files into Splunk. Invictus Incident Response, 4 min read. This blog post was first released on cloud-response.com, one of our personal projects. We’ve decided to move it here, because that domain might go away and it’s a useful blog for a lot of people so we want to keep it around. Introduction: In this blog post I will show you how to import Windows event log files in Splunk. I was inspired by this post on how to import ‘.evtx’ files into Elastic...

Mailxaminer

Guide on Apple Mail Forensics: Detailed Analysis. Mayank | Modified: 16-05-2023 | Forensics | 6 Minutes Reading. Before moving ahead with the Apple Mail forensic, let’s first understand what Apple Mail is. Apple Mail or simply Mail is an email client which is inbuilt with all ...

Revo4n6

Paritosh at System Weakness

Paritosh, published in System Weakness, 3 min read. Imagine yourself as the Sherlock Holmes of the digital age, equipped with a magnifying glass in the form of event logs. These logs are like secret scrolls, silently capturing every event, every action, and every mischievous attempt that occurs within a Windows environment. Your mission? To unlock the mysteries hidden within these logs, deciphering the clues that could save the day. Prepare yourself, for the realm of Wind...