The PoSh Hunter CTF
If you want to test your PowerShell skills and interested in threat hunting – the PoSh Hunter CTF is for you. …
-
Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)
First of all, I would like to thank all of those who liked and retweeted the previous arti…
-
Using MITRE ATT&CK for Forensics: BITS Jobs (T1197)
If you are doing incident response, you must know what MITRE ATT&CK is. As it’s …
-
Deleting Any Message from Both Ends in Telegram: How Will It Impact Mobile Forensics?
On Marth 24th Telegram released a new version of their messenger, and introduced a new fea…
Cyber Forensics Blog
Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
Last week Sarah Edwards attended MacDevOpsYVR in Vancouver, Canada, and had a talk about her simple tool for advanced forens…
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis …
DFIR CTF – Email took my money
Antonio Sanz has created a DFIR CTF, which offers you to forensicate an incident resulted in €100k loss for Minerías Alcazar…
Show More News
