Analysis Notes

A place to note down malware analysis attempts and anything that seemed useful for analysis.

4n6 Week 30 – 2024 - MISCELLANEOUS

This entry was auto-generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Alican Kiraz

Binary Defense

Martin Pearson at Black Hills Information Security

by Martin Pearson || Guest Author This article was originally published in the second edition of the InfoSec Survival Guide. Find it free online HERE or order your $1 physical copy on the Spearphish General Store. A home lab will not only enhance your learning opportunities, but can also give you a safe place to play by using a virtual machine to emulate a computer, giving you the ability to easily make mistakes with no fear of harm to your personal setup. Practicing on entry-level product is a gr...

Brett Shavers

Chris Hayes at Reliance Cyber

Chris Hayes - 17 July 2024. Using DigiCert as the Certificate Authority. Introduction: Velociraptor is a robust open-source tool designed for endpoint monitoring and digital forensics and response. Whether you deploy it on-premise or in the cloud, securing communication between the Velociraptor server and its clients is crucial. This blog post will guide you through creating and i...

Forensic Focus

Kevin Beaumont at DoublePulsar

Mathilde Boivin at Lexfo

Mon 08 July 2024 by Mathilde Boivin in CTI. Threat intelligence, Tool. Table of contents: Introduction, Context, Expectations, Implementation, Scraping, Grammar, Parsing, Storing and using collected data, Conclusion. Introduction: This blog post introduces a tool that extracts stolen credentials from text files coming in varying formats in order to address CTI and Red Teaming needs. Context: Information stealers (or more commonly “infostealers” or “stealers”) are malware designed to collect sensitive data from in...

Matt Suiche

Jul 20, 2024 · 1048 words · 5 minute read Already dubbed “The Largest IT Outage In History”, the CrowdStrike update from July 18, 2024, has affected at least 8.5 million Windows devices, according to Microsoft. Several of these devices are critical assets and run multiple essential services. For instance, I was unable to pay for my coffee in Dubai because the payment systems used by the coffee shop were down, and a friend lost her passport while stranded in Barcelona due to flight disruptions....

Salvation DATA

Knowledge · 2024-07-25. A digital forensic examiner is an important part of the investigation process because they restore and look over digital data to help solve many types of crimes. These jobs are becoming more and more important as we move through a time when digital tracks are a big part of daily life. The very important job of these inspectors is to look through digital devices and get, store, and evaluate data that could be used as key proof in both civil and criminal cases. They do importa...

SANS

SANS Institute. How to Become an OSINT Investigator: Explore the role, daily duties, and career progression of an OSINT Investigator. July 23, 2024. In our increasingly connected world, the role of an Open-Source Intelligence (OSINT) Investigator is becoming more crucial than ever before. This blog will guide you through the steps to become an OSINT Investigator, covering skills development, practical experience, and career growth. What is an OSINT Investigator? An OSINT Investigator is a professiona...

Sky Blueteam

Jun 18, 2024 · 1398 words · 7 minute read Summary: How we use Nix to create a reproducible forensics analysis environment, and how it differs from more traditional methods, such as Docker or manual package installation. We will highlight the challenges of maintaining consistent setups across different machines and analysts, and how we used Nix to fix that. As a bonus, Nix allows us to transfer our forensics environment to untrusted machines easily. We published our environment in nix-forensics: ...

The Security Noob.

Posted on 23/07/2024. Mastering PowerShell Scripting – Fifth Edition: Automate repetitive tasks and simplify complex administrative tasks using PowerShell by Chris Dent is an outstanding resource tailored for IT professionals, system administrators, and developers aiming to maximize the potential of PowerShell scripting. This updated edition offers a thorough exploration of the latest advancements in PowerShell, providing a deep dive into automation and administrative task simplificatio...