This Autopsy plugin by Rebecca Anderson won Autopsy Plugin Contest this year at Open Source Digital Forensics Conference (OSDFCon). It searches Virus Total for SHA1 hashes of executables from amcache. You can get the plugin here.
-
Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)
First of all, I would like to thank all of those who liked and retweeted the previous arti… -
The PoSh Hunter CTF
If you want to test your PowerShell skills and interested in threat hunting – the Po… -
Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
Last week Sarah Edwards attended MacDevOpsYVR in Vancouver, Canada, and had a talk about h…
Load More Related Articles
-
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, imp… -
Autopsy 4.11.0 Released
The new version of Autopsy has been released. New Features: Adding Data: Hashes can option… -
Extract Configuration Data of Known Malware with MalConfScan
JPCERT has released a Volatility plugin called MalConfScan. The plugin can be used to extr…
Load More In Software
