Jason Hale has published a post about the impact of VBS on memory acquisition. With Windows 10 and Server 2016, Microsoft added the option to enable various forms of virtualization-based security (VBS), such as Credential Guard, Device Guard, Application Guard, and more. In the post you will learn which tools to use to overcome these new features.