Analysis Notes

A place to jot down notes from trying out malware analysis and on things that seem useful for analysis. This site uses Google Analytics.

4n6 Week 17 – 2024 - FORENSIC ANALYSIS

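This entry was automatically generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix=Forensics), so that you can skim through and pick the articles worth checking. You can find 4n6 here.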

FORENSIC ANALYSIS

Deagler’s 4n6 Blog

Hexordia Weekly CTF Challenge 2024 - Week 2 Writeup (April 22, 2024)

Following the 1st week of the Hexordia Weekly CTF Challenge 2024, we are now into week 2 of this CTF. The challenges of this week consisted of Android-related challenges only: Android - Total Freedom (10 marks): What URL was opened after pasting language from ONeal's gist? After reading the question, we would be most likely looking for web browsing history on the Android image sinc...

DS4N6

Forensafe

26/04/2024 Friday Android Zoom is a meeting application designed to help its users schedule their own meetings, join virtual meetings and video conferences, and chat with contacts. The user can join a meeting established on Zoom with only one click and without even signing up. Zoom tries to make its users’ lives easier by providing the feature of signing up using their Google or Facebook accounts. The app supports hosting or attending meetings with up to hundreds of participants, making it sui...

HackTheBox

Windows event logs can provide valuable insights when piecing together an incident or suspicious activity, making them crucial for analysts to understand.

sebh24, Apr 23 2024

Table of Contents: What are Windows event logs?; Why is event log analysis important?; Components of event logs; Essential Windows event logs (Windows system logs, Windows security logs); Practice Windows event log analysis on HTB Sherlocks; How to analyze suspicious activity with Windows event logs and Sysmon; Log collection using...

Ryan Robinson and Nicole Fishbein at Intezer

Written by Ryan Robinson and Nicole Fishbein - 23 April 2024

Memory forensics is an important part of incident response and threat analysis, as new threats and sophistication emerge in the evolving cybersecurity landscape. Unlike traditional methods focusing on hard drive analysis, memory forensics dives into the volatile memory, aiming to uncover evidence of malware infections and other illicit activities that leave footprints in a system’s RAM. Investig...

Justin De Luna at ‘The DFIR Spot’

Linux Forensics - Collecting a Triage Image Using The UAC Tool

Let’s discuss a topic that I feel like doesn’t get enough coverage or is the “unspoken” or “daunting” territory of Digital Forensics and Incident Response (DFIR). I’m going to say the words… LINUX FORENSICS. Oh yeah, this blog post is going to discuss how to collect a triage image of a nix box. This is a tool that you need to add to your toolkit and have at the ready when it comes to triaging nix systems. Before we talk about the tool...

Magnet Forensics

What is a Jump List? The term “Jump List” is used quite frequently in digital forensics and discussions regarding artifacts found on computers. A Jump List provides users quick access to recently used files, tasks, or applications. The primary purpose of a jump list is to enhance the user experience and productivity by allowing the user to easily navigate to frequently accessed items without having to search through directories or menus. Many users and digital forensic examiners quickly think of...

Salvation DATA

Work Tips 2024-04-28

Content: Intro; Analysis to Extract Data from iPhone Effectively; Steps to Extract Data from iPhone Using iTunes; Conclusion

Intro: When extracting data from iPhone using iTunes, investigators may face incomplete backups, leading to no data for analysis. This issue often arises due to insufficient storage space on the default C drive path used by iTunes. Since iT...

SANS

iOS Third-Party Apps Forensics Reference Guide Poster (April 26, 2024)

The aim of this poster is to provide a list of the most interesting files and folders in the “Data” folder for the most commonly used third-party apps.

Android Third-Party Apps Forensics (April 26, 2024)

The aim of this poster is to provide a list of the most interesting files and folders in the “Data” folder for the most commonly used third-party apps.

Taz Wake
