March 03, 2021

Cyber Forensicator

Tag Archives: incident response

Articles

Threat Hunting: What it Is, and What it Is Not

Nowadays everybody is talking about threat hunting. Everyone wants to be a threat hunter. Every employer wants to hire a thr…

Articles

SQM: New Evidence of Execution Source?

Forensicating one of compromised hosts during our recent incident response activities we have found some interesting artifac…

Articles

Following the RTM

Researchers became aware of the activities of the RTM group in December 2015. Since then, phishing emails distributing the t…

Articles

Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)

As was promised, we continue our Using MITRE ATT&CK for Forensics series. This time we are going to discuss another pers…

Articles

Using MITRE ATT&CK for Forensics: BITS Jobs (T1197)

If you are doing incident response, you must know what MITRE ATT&CK is. As it’s a great guide to threat actors tac…

Science

Detection of Algorithmically Generated Malicious Domain

In recent years, many malware writers have relied on Dynamic Domain Name Services (DDNS) to maintain their Command and Contr…

Software

AutoMacTC: Automated Mac Forensic Triage Collector

AutoMacTC is a modular forensic triage collection framework designed to access various forensic artifacts on macOS, parse th…

Software

Sysmon-Modular: A Sysmon Configuration Repository for Everybody to Customise

This is a Microsoft Sysinternals Sysmon configuration repository by Olaf Hartong, set up modular for easier maintenance and …

Presentations

Badly behaving scripts

As browser and operating system security have been improving, there has been a rise in conventional malware attacks relying …

How To

Extracting Activity History from PowerShell Process Dumps

Lee Holmes has posted about how to extract activity history from PowerShell process dumps. Such dumps may be gold mines, esp…

About Us

Cyber Forensicator is a web project by Igor Mikhaylov and Oleg Skulkin that aims to collect the most interesting and important cyber and digital forensics news, articles, presentations, and so on, in one place.

Popular Posts

Open Sourcing JA3: SSL/TLS Client Fingerprinting for Malware Detection

October 20, 2017

Cloud Forensics: Analyzing MEGASync

April 15, 2018

Windows Phone Physical Imaging Without JTAG and Chip-off

June 3, 2018

Timeline

  • January 24, 2021

    Analyzing videos with multiple video streams in digital forensics

  • December 19, 2020

    PC3000 Portable III in Digital Forensics

  • December 18, 2020

    How to analyze different types of devices and find connections between them

  • July 5, 2020

    Threat Hunting: What it Is, and What it Is Not

  • May 24, 2020

    Utilities go for launch!

CyberForensicator.com © Copyright 2016-2021, All Rights Reserved
