Analysis Notes

A place to jot down notes from my attempts at malware analysis and anything I thought might be useful for analysis. This site uses Google Analytics.

4n6 Week 02 – 2024 - FORENSIC ANALYSIS

This entry was automatically generated and posted to show the opening lines of each article introduced in This Week in 4n6 (FourAndSix = Forensics), so that I can zap through them and pick which articles to check. 4n6 itself can be found here.

FORENSIC ANALYSIS

Cyber 5W

Memory Forensics - Practical Example, Detect Classic Remote Process Injection 5 minute read At times, following a system compromise, it becomes crucial to retrieve forensically significant data. RAM, being volatile, has a transient nature. With each system reboot, the memory in RAM is cleared. Consequently, if a computer is breached and subsequently restarted, substantial information detailing the sequence of events leading to the system compromise may be lost. Today we will show in practice how...

Malware Analysis - How to Bypass Anti-Debugging Tricks - Part 1 2 minute read Today, we will show how to bypass the anti-debugging trick of our simple malware written in C/C++. There are different characteristics that serve as indicators that a malware analyst is conducting a manual inspection of the malicious application. Malware authors can avoid this by checking for these characteristics, which also impede the analyst’s ability to reverse-engineer the malware code. IsDebuggerPresent For example a...

Oleg Afonin at Elcomsoft

Forensically Sound Cold System Analysis
A Comprehensive Guide to Essential Tools for Elcomsoft iOS Forensic Toolkit
iOS Forensic Toolkit 8 Lands on Windows
Open-Sourcing Orange Pi R1 Plus LTS Software for Firewall Functionality: Secure Sideloading of Extraction Agent
Best Practices in Mobile Forensics: Separating Extraction and Analysis
Apple iCloud Acquisition: A Lifeline for Forensic Experts
iOS Device Acquisition: Installing the Extraction Agent
iOS Forensic Toolkit Tips & Tricks
Low-level Extraction...

Matt Shannon at F-Response

F-Response and Apple, 2024 Edition Jan 08, 2024 It's been a few years since we broke down the complete situation with remote data collection and Apple computers. I figured now was a good time to do that again. TLDR; It hasn't gotten easier. Forensic disk imaging is pretty much out. File and folder remote data collection is still available. Apple's security posture remains largely the same. There are no good options for performing remote full disk forensic ima...

Forensafe

12/01/2024 Friday The call log is a record of incoming, outgoing, and missed calls on a device. These logs include essential details such as the contact's name or phone number, call type, date, time, and call duration. On Apple devices, such as iPhones, the iOS call log is synchronized across all linked Apple devices, and it also integrates FaceTime calls, both audio and video. It may also contain information about interactions with third-party calling apps. The iOS call log serves as a valuable...

Oxygen Forensics

January 10, 2024 It is important to understand Huawei forensics due to its global popularity – extraction methods, and tools that can help with your investigation.
Android Blog: Extracting Data from UNISOC-based Devices October 09, 2023 Learn more about what a UNISOC chipset is and how investigators can extract data from UNISOC-based devices using Oxygen Forensic® Detective
Android Blog: APK Downgrade September 26, 2023 Learn how to execute APK Downgrade in Oxygen Forensic® Detective.

Pending Investigations

Dissect vs SysInternals Case Part 1: Planning and Testing
Investigating Windows Systems with Dissect – IWS Chapter 2
Reversing.kr Walkthroughs Part 1
EscapeRoom (CyberDefenders)
About Me
Dissect vs SysInternals Case, Part 2 If you’re curious about how dissect works, or why I took this approach to using it, have a look at my previous post. Recap: Mini-Timelines In Part 1, we hammered out an approach to pulling out a mini-timeline using dissect to get a bird’s-eye view for the 3 minutes surroundin...

Salvation DATA

Knowledge 2024-01-08 Content: Introduction; VIP 2.0; DME Forensics; Wondershare Recoverit; DiskInternals DVR Recovery; Dolphin DVR Recovery; Tips for Selecting Video Recovery Software for Dahua DVR/NVR; Conclusion. Introduction The realm of digital surveillance has evolved significantly, with systems like DVR Dahua leading...

Knowledge 2024-01-10 Content: Introduction; Market Trends in 2024; CCTV DVR Data Recovery Case Study; Digital Forensics Software Landscape; Conclusion. Introduction In today’s rapidly evolving digital landscape, digital forensic analysis has become a cornerstone of the security and surveillance industry. This field, essential for ensuring integrity and reliability, is experienci...