Eric Zimmerman has released a new tool. This time it’s Recycle Bin artifact parser called RBCmd. It supports both INFO2 and $I formats. You can download the tool here.
-
Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)
As was promised, we continue our Using MITRE ATT&CK for Forensics series. This time we… -
Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)
First of all, I would like to thank all of those who liked and retweeted the previous arti… -
The PoSh Hunter CTF
If you want to test your PowerShell skills and interested in threat hunting – the Po…
Load More Related Articles
-
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, imp… -
Autopsy 4.11.0 Released
The new version of Autopsy has been released. New Features: Adding Data: Hashes can option… -
Extract Configuration Data of Known Malware with MalConfScan
JPCERT has released a Volatility plugin called MalConfScan. The plugin can be used to extr…
Load More In Software
