Andrea Fortuna created the AutoTimeliner, a tool that “automagically extract forensic timeline from volatile memory dumps.” It constructs the timeline based on the output of the following Volatility plugins: timeliner, mftparser, and shellbags. You can download the tool here.
-
Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)
First of all, I would like to thank all of those who liked and retweeted the previous arti… -
The PoSh Hunter CTF
If you want to test your PowerShell skills and interested in threat hunting – the Po… -
Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
Last week Sarah Edwards attended MacDevOpsYVR in Vancouver, Canada, and had a talk about h…
Load More Related Articles
-
Automated Hunting of Memory Resident Malware at Scale
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, imp… -
Autopsy 4.11.0 Released
The new version of Autopsy has been released. New Features: Adding Data: Hashes can option… -
Extract Configuration Data of Known Malware with MalConfScan
JPCERT has released a Volatility plugin called MalConfScan. The plugin can be used to extr…
Load More In Software
