windows forensics – Page 10 – Cyber Forensicator

Windows, now with built in anti forensics!

One of our favorite forensicators – David Cowen, – has published a very interesting post in Hacking Exposed Comp…

News

Join our Telegram DFIR group!

Guys, we have created a Telegram group, where we will do our best to answer all your questions. We will be very happy if you…

Software

Fix acquired EVT files with evtkit

evtkit is a Python tool, which can help a computer forensic examiner to fix acquired Windows Event Log files. It’s lig…

Science

A Novel Method for Windows Phone Forensics

Mobile forensics is a branch of cyber forensics which helps in extracting evidence from mobile devices. A variety of softwar…

Tips & Tricks

Tracking threat actors through .LNK files

In this blog post guys from NVISO Labs answer Harlan Carvey’s question: “Did you parse the LNK file for things s…

Webinars

A Guide to Eric Zimmerman’s command line tools

SANS Instructor and Former FBI Agent Eric Zimmerman has provided several open source command line tools free to the DFIR Com…

Tips & Tricks

Is Fileless Malware Really Fileless?

Travis Smith has published a post about fileless malware on The State of Security. He notes that this type of malware isn…

How To

How to Load a SQL .bak File for Analysis, Without SQL Server Previously Installed

Brian Moran from BriMor Labs has posted an article on how to load a SQL .bak file for analysis, without SQL Server previousl…

How To

Forensics Analysis from Cloud Storage Client Application on Proprietary Operating System

Increased use of cloud storage services have become a necessity alternative that complements the main storage media in every…

Tips & Tricks

Tor Browser Artifacts in Windows 10

Here is a paper by Aron Warren from SANS Institute Reading Room site about Tor browser artifacts in Windows 10. The Tor netw…

Tag Archives: windows forensics

Windows, now with built in anti forensics!

Join our Telegram DFIR group!

Fix acquired EVT files with evtkit

A Novel Method for Windows Phone Forensics

Tracking threat actors through .LNK files

A Guide to Eric Zimmerman’s command line tools

Is Fileless Malware Really Fileless?

How to Load a SQL .bak File for Analysis, Without SQL Server Previously Installed

Forensics Analysis from Cloud Storage Client Application on Proprietary Operating System

Tor Browser Artifacts in Windows 10

About Us

Popular Posts

Open Sourcing JA3: SSL/TLS Client Fingerprinting for Malware Detection

Cloud Forensics: Analyzing MEGASync

Windows 10 Forensics

Timeline

Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)

Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)

The PoSh Hunter CTF

Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis

Automated Hunting of Memory Resident Malware at Scale

Tag Archives: windows forensics

Follow Us

About Us

Popular Posts

Timeline

Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)

Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)

The PoSh Hunter CTF

Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis

Automated Hunting of Memory Resident Malware at Scale