Spotting the Signs of Lateral Movement
Derek King has published another post as part of his “Hunting with Splunk: The Basics” series. This time he is d…
Magnet AXIOM Incident Response Examinations (AX310)
Magnet Forensics announced a new expert-level four-day training course. It is designed to give you the knowledge and skills …
Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents
Create, maintain, and manage a continual cybersecurity incident response program using the practical steps presented in this…
Memtriage v0.2-alpha Released
0.2-alpha version of memtriage has been released. This tool allows you to quickly query a Windows machine for RAM artifacts.…
Hands-On Network Forensics: Investigate network attacks and find evidences using common network forensic tools
A new book by Arthur Salmon has been announced by Packt Publishing. The book is titled “Hands-On Network Forensics: In…
SANS Hunt Evil Poster Updated
SANS has updated their Hunt Evil poster. It includes information about typical Windows processes, evidence of remote access …
Join our Telegram DFIR group!
Guys, we have created a Telegram group, where we will do our best to answer all your questions. We will be very happy if you…
Eric Zimmerman Updated Most of His Tools
Eric Zimmerman has updated most of his tools: WxTCmd, Hasher, Timeline Explorer, ShellBags Explorer, AppCompatCacheParser, A…
The Newest Version of SANS Windows Forensic Analysis Poster is Online
SANS DFIR posted the newest version of Windows Forensic Analysis poster. Updated Windows Time Rules table, lots of artifacts…
Dear Blue Team: Forensic Advice to Non-Forensic Professionals to Supercharge Organization DFIR
In an age where data breaches and malware infections are quickly becoming the norm, we must prepare for Digital Forensics an…
