April 23, 2021

Cyber Forensicator


Tips & Tricks

Knowledge is Power! Using the macOS/iOS knowledgeC.db Database to Determine Precise User and Application Usage

Sarah Edwards has posted her research on the knowledgeC.db database, which can be found on macOS and iOS devices. On Mac systems there is a system context database located in the /private/var/db/CoreDuet/Knowledge directory, and a user context database located in the user’s ~/Library/Application Support/Knowledge/ directory. On iOS there is only one main knowledgeC.db database, located in /private/var/mobile/Library/CoreDuet/Knowledge/. Full post can …

Smartphone Acquisition: Adapt, Adjust and Get Smarter!

Heather Mahalik has posted a list of recommendations on forensic acquisition of iOS and Android-based smartphones. If you haven’t checked it yet, it’s high time to do it!

Beginner Malware Reversing Challenges

The purpose of these challenges is to familiarize beginners with common malware techniques. Don’t worry if you can’t complete a challenge; the author will soon be creating a video explaining each one in detail.

Detecting script-based attacks on Linux

In this post John Booth describes how to detect encoded or obfuscated command lines used by attackers on Linux hosts. As you may already know, “these techniques have the additional benefit of avoiding the need to drop a file to disk, reducing the risk to an attacker of being detected by traditional anti-virus products.”

Unlocking the DFIR Door

Here is a list of tips on getting hired in DFIR by Brett Shavers.

XFS (Part 1) – The Superblock

Hal Pomeranz has started a series of blog posts about forensic analysis of the XFS file system. XFS is becoming more common on Linux systems, but we are lacking forensic tools for decoding it. The first post provides a quick overview of this file system and focuses on the superblock.

Creating custom YARA rules

Didier Stevens has posted about how to use IOCs (Indicators of Compromise) to create your own custom YARA rules. In the post he creates custom YARA rules to detect compromised CCleaner executables.

Uh Oh! Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes via Disk Utility.app

Sarah Edwards has found a very useful bug in macOS High Sierra: unified logs show the plaintext password for APFS encrypted external volumes via Disk Utility. Learn more about it in this post.

What “the Last Version of Windows” Means for Digital Forensics

In this post Jamey Tubbs, Magnet Software Training Director, shows how the latest versions of Windows 10 destroy digital evidence during the update process.

Volatility: Proxies and Network Traffic

Marcus Bakker from MB Secure has published a tutorial on how to catch malware beaconing from an infrastructure where a non-transparent proxy is used for all outgoing network traffic.

About Us

Cyber Forensicator is a web project by Igor Mikhaylov and Oleg Skulkin that aims to collect the most interesting and important cyber and digital forensics news, articles, presentations, and so on, in one place.

CyberForensicator.com © Copyright 2016-2021, All Rights Reserved
