How to Intercept IP Connections in a Malware Analysis Lab
SANS Institute has presented a short tutorial with Lenny Zeltser on how to intercept IP connections in a malware analysis la…
Open Sourcing JA3: SSL/TLS Client Fingerprinting for Malware Detection
A JA3 hash represents the fingerprint of an SSL/TLS client application as detected via a network sensor or device, such as B…
Finding and Decoding Malicious PowerShell Scripts
Mari DeGrazia has published a very useful post, which will help you to learn how to find and decode malicious PowerShell scr…
Memory Forensics in Clouds and Containers
Alex Maestretti has published an interesting post about userland memory acquisition and targeted analysis of memory at …
AUMFOR – Automatic Memory Forensics
AUMFOR is a GUI based tool which can help a digital forensic investigator by performing all complex and tedious work automat…
Introduction to Redline
As a continuation of the “Introduction to Memory Forensics” series, Richard Davis taking a look at Redline – a free analysis…
Taking Hunting to the Next Level: Hunting in Memory
The vast majority of threat hunting takes place on easily visible and accessible system artifacts. These include log entries…
Investigating Malware Using Registry Forensics
Here is Jason Hale’s talk from Louisville Infosec 2017 titled “Investigating Malware Using Registry Forensi…
CCleaner v5.33 Malware (Supply Chain Attack)
Richard Davis has posted a fresh video discussing the CCleaner malware incident reported by Cisco’s Talos Intelligence …
Get Practical Windows Forensics for Free!
Today you have a unique opportunity to get a digital copy of Practical Windows Forensics (Packt Publishing) by Aym…
