Analysis Notes

A place to jot down notes from trying malware analysis and anything that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 29 – 2024 - FORENSIC ANALYSIS

This entry was generated and posted automatically: it shows the opening lines of each article introduced in This Week in 4n6 (FourAndSix = Forensics) so you can skim through and pick which articles to check. This Week in 4n6 itself can be found here.

FORENSIC ANALYSIS

Adam Messer

Baris Dincer

Belkasoft

Challenges in Digital Forensics: The Case of the Trump Rally Shooter's Phone According to CNN, two days after Donald Trump's assassination attempt at his rally, the FBI was able to gain access to the cell phone of the shooter, Thomas Matthew Crooks. Investigators are searching the phone for clues about Crooks' motive and mindset but still have no leads. What took so long to get into his phone, and what can the FBI find on it? To answer these questions, it is necessary to understand the specifics...

Digital Forensics Myanmar

eCDFP (Module-6) (Windows Forensics) (Part - 2) July 16, 2024 LNK (shortcut) files can be created by the user, and they can also be created by the Windows operating system itself. The locations where LNK (shortcut) files can be found are the ones listed below --- LNK File (Shortcut) - File Location (Windows 7 to Windows 11) C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Recent On the desktop (User Created Easily Access To Application &...

eCDFP (Module-6) (Windows Forensics) (Part - 3) July 17, 2024 When doing forensic analysis, photos are recovered from a computer. Previously deleted photos come back. That is nothing unusual. Because deleted photos still remain in storage, recovery can bring back other data besides the photos as well. But what do you do if the photos are completely gone from storage and cannot be recovered? ????? Besides computers, on phones too, thumbnail files ...

Forensafe

19/07/2024 Friday AVG Antivirus is a security program designed to defend computers and mobile devices from viruses, spyware, and other malicious software. The software continuously monitors the host device to detect and isolate any potential threats. AVG Antivirus scans the host environment to detect existing infections. Additionally, it offers real-time protection by examining incoming email attachments, downloaded files, and other potential sources of infection. Digital Forensics Value of Andr...

Gabe Renfro and Jake Plant at GuidePoint Security

Husam Shbib at Memory Forensic

Husam Shbib | Jul 10, 2024 | Jul 11, 2024 Credit These samples were shared by various sources, but pinesol93 consolidated them into one repository. Credit goes to the respective creators. Introduction To enhance your memory analysis skills, you’ll need access to memory images from devices, typically ones infected with malware. You have two options: Create your own samples, which we will cover in a separate post. Use pre-existing samples available online (through practicing on cloud labs) or offli...

Husam Shbib | Jul 18, 2024 | Jul 18, 2024 Credit We have faced this challenge in the qualification round of the Black Hat MEA CTF 2022. This challenge was made by BlackHat MEA Team. Credit goes to the respective creators. Challenge Scenario “My work PC has suddenly crashed. I can no longer retrieve my secret file, also I don’t remember the password. It is a hard password and securely generated, but I saved it locally. Can you help me recover the content?” Downloading the Memory Dump / Running on the C...

Kevin Stokes

Dan Aschwanden and Mikhail Bushkov at Open Source DFIR

By Joachim Metz July 15, 2024 GRR with GCS Blobstore and Cloud Pub/Sub Service. Authored by Dan Aschwanden and Mikhail Bushkov, copied with permission. Introduction In this article we provide a macro-level outline of how GRR Rapid Response (or GRR) can make use of Google Cloud Storage (GCS) Buckets for its blobstore as well as using Cloud Pub/Sub to communicate with Fleetspeak. Leveraging GCS Buckets and Cloud Pub/Sub could be beneficial if you are...