In this video Mark Baggett will show you how you can use a tool named SRUM-DUMP to capture critical DFIR (Digital Forensics and Incident Response) data like the dates and times processes were executed, which networks they used, how much data was transmitted and received, the Security Identifier of the user that launched the process and more. Then Mark will show you a tip that developers of forensics tools can use to convert binary flags into their associated text descriptions.