Hunting Webshells on Microsoft Exchange Server
Microsoft Exchange Servers are a high value target, making investigation of them during Incident Response vital, but where d…
PPEE: cross-platform PE explorer
If you prefer to use different platforms for malware analysis and forensics, here is a good fresh tool for you – PPEE …
Automating print logging for DFIR purposes
Medium user @rootsecdev has published a post on how to automate print logging for DFIR purposes. In the post the author show…
Brush up on Dropbox DBX decryption
Francesco Picasso from Zena Forensics has published a blog post on how to decrypt Windows Dropbox DBX files. Reading the pos…
Windows, now with built in anti forensics!
One of our favorite forensicators – David Cowen, – has published a very interesting post in Hacking Exposed Comp…
Cloud Forensics – A Framework for Investigating Cyber Attacks in Cloud Environment
With the rapid growth of cloud adoption in both private and public sectors globally, cloud computing environment has become …
PsychoHasher: A Cross Platform Hashing Tool
PsychoHasher is a Java based open source tool for generating and verifying hashes for text, files, combined digest for multi…
Network Forensics for Detecting Flooding Attack on Web Server
Flooding attack is one of the serious threats of network security on Web servers that resulted in the loss of bandwidth and …
BTRFS Forensic Analysis
Here is a nice presentation by Safaa Hraiz on BTRFS forensic analysis: …
A Comparison of Encryption Tools for Disk Data Storage from Digital Forensics Point of View
A closer look from a digital forensics point of view may help examiners to find and understand vulnerabilities in cryptograp…
