Analysis Notes

A place to jot down notes from trying my hand at malware analysis and anything that seemed likely to be useful for analysis.

4n6 Week 23 – 2024 - FORENSIC ANALYSIS

This entry was automatically generated and posted to show the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

FORENSIC ANALYSIS

Zach Stanford, Yogesh Khatri, and Phill Moore at CyberCX

0xdf hacks stuff

Tags: forensics, sherlock-constellation, hackthebox, dfir, ctf, sherlock-cat-threat-intelligence, unfurl, url-forensics, exiftool, osint, linkedin, url-discord, url-google. Jun 5, 2024. HTB Sherlock: Constellation. Constellation is a fun Sherlock challenge largely focused on forensics against URLs. Two URLs, from Discord and Google, are shared, and I’ll use Unfurl to pull timestamps and other information from them to make a timeline of an insider threat interaction. Challenge Info: Name Constellation. Play on HackTheBo...

Adan Alvarez

Alex Teixeira

Brett Shavers

Bret at Cyber Gladius

Any good incident response plan should include tool preparation. There are so many tools you need to have ready that you will not have the time to build them once you are engaged in an incident. One of those tools is WinFE for forensic imaging and system investigations. Many Incident Responders will use a bootable live Linux distro, like Kali, in forensic mode. However, there are many scenarios where a Linux OS is not the best fit for the job, and you need a Windows system. So, I argue that you ...

Cyber Triage

Decrypting a Defense

Consumer AI Spying, NYPD Transparency (Failures), Facial Recognition Bans, Jail Surveillance & More. Vol. 5, Issue 6. The Digital Forensics Unit, Jun 03, 2024 (digitalforensicslas.substack.com). June 3, 2024. Welcome to Decrypting a Defense, the monthly newslette...

Django Faiola at ‘Appunti di Informatica Forense’

Appunti di Informatica Forense: Digital Forensics and Incident Response Research. Monday, June 3, 2024. Published June 03, 2024 by Django Faiola. iOS Uber - Request a ride. Table of contents: Routes; Account; User address and nearby vehicles; Payment profile; Searched rides and places; Geo-Locations (SQLite); Introduction to LevelDB; Geo-Locations (LevelDB); iLEAPP. Preface: A few days ago I published the Google Translate article with the...

Forensafe

07/06/2024 Friday An iPhone device can be used as a portable recording device with the help of the Voice Memos app. It can be used to record personal voice notes, lectures, meetings, and interviews. This app features voice editing tools such as replace, trim, and resume. Additionally, it supports iCloud synchronization, ensuring recordings are accessible across all Apple devices linked to the same account if the user chooses to upload the recorded memos to iCloud. Users can also easily share the...

Hal Pomeranz at ‘Righteous IT’

Posted on June 4, 2024 by Hal Pomeranz In my last blog post, I covered Systemd timers and some of the forensic artifacts associated with them. I’m also a fan of Thiago Canozzo Lahr’s UAC tool for collecting artifacts during incident response. So I wanted to add the Systemd timer artifacts covered in my blog post to UAC. And it occurred to me that others might be interested in seeing how to modify UAC to add new artifacts for their own purposes. UAC is a module-driven tool for collecting artifact...

Magnet Forensics

The two types of extractions for mobile device investigations are full file system extractions and logical. It’s important to know the difference, since iOS and Android devices in digital forensics have become increasingly important in both law enforcement and corporate investigations. Mobile device evidence can be critical to the investigations of fraud, intellectual property theft, policy violations, litigation support, insurance investigations, and eDiscovery. Knowing the critical nature of m...

In this series, Chad Gish, CID/SISU Detective, Metropolitan Nashville Police Department shares some noteworthy cases in his extensive career where pivotal artifacts, and tools like Magnet Axiom, were able to help close a difficult case. Being a digital forensic investigator isn’t easy. Long days of inspecting some of the worst material humanity creates, searching for clues; carving through petabytes of pointless information to find the one piece of evidence crucial to solving a case. But the sat...

Faishol Hakim at MII Cyber Security

Nithin Chenthur Prabhu

Posted June 3, 2024 / Malware Development / Malware Analysis / DFIR. Malware Development, Analysis and DFIR Series - Part III (updated on June 3, 2024; 3794 words, 18 minutes read). Introduction: In this post, we will delve into Windows memory internals, understand how memory is managed in Windows as well as process internals. We will also look into segmentation and its role in x86 memory address trans...

St. Johns Data Consulting

Capturing iOS Crash Logs for Forensic Analysis. By SJDC, published Jun 2, 2024. The purpose of this post is to provide instructions for the capture of iOS crash logs, including sysdiagnose logs, after they’ve been created. These logs can also be highly relevant to a digital forensic analysis and thus it is important to create and capture these logs in every iPhone/iPad forensic collection. Crash logs may not be captured during a forensic acquisition and th...

By SJDC, published Jun 2, 2024. The purpose of this post is to provide digital forensic examiners a user-friendly guide (available publicly here) for forensic analysts to trigger (capture on an iPhone/iPad) a “sysdiagnose” log of events. Capturing Android crash logs is covered in a separate post. Typically sysdiagnose is used by Apple and/or developers to investigate and diagnose application/OS bugs. These logs can also be highly relevant to a digital fore...

Joseph Alan at System Weakness