Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows 10 and Server 2016, Microsoft added the option to enable various forms of virtualization-based security (VBS), such as Credential Guard, Device Guard, Application Guard, and more. In the post you will learn which tools to use to overcome these new features.
-
-
AutoMacTC: Automated Mac Forensic Triage Collector
AutoMacTC is a modular forensic triage collection framework designed to access various for… -
The Five Most Dangerous New Attack Techniques and How to Counter Them
Which are the most dangerous new attack techniques? How do they work? How can you stop the…
Load More Related Articles
-
Digging Up the Past: Windows Registry Forensics Revisited
David Via from FireEye has written a very good article focused on the following known sour… -
Extracting Activity History from PowerShell Process Dumps
Lee Holmes has posted about how to extract activity history from PowerShell process dumps.… -
An introduction to file-system post-mortem forensic analysis
Computer Incident Response Center of Luxembourg has published materials used during their …
Load More In How To
