Hunt Evil: Your Practical Guide to Threat Hunting
This eBook will guide you through how to assess and improve your threat hunting capabilities, how to prioritize what to hunt…
Cyber Security Interviews: Harlan Carvey
Harlan Carvey, the author of Windows Forensic Analysis and Windows Registry Forensics, has been recently interviewed by Cybe…
Pharos: Static Binary Analysis Framework
The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University…
Windows Memory Analysis
As a continuation of the “Introduction to Memory Forensics” video, Richard Davis will show you how to use Volatility to anal…
Deep Analysis of New Poison Ivy Variant
Recently, the FortiGuard Labs research team observed that a new variant of Poison Ivy was being spread t…
Memory Acquisition and Virtual Secure Mode
Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows 10 and Server 2016, Microsoft add…
Scanning Memory with Yara
Memory analysis has been successfully utilized to detect malware in many high profile cases. The use of signature scanning t…
WMI Forensics
There are two scripts by David Pany, which can help an analyst to find evidence in WMI repositories: CCM_RUA_…
Gaslight: A comprehensive fuzzing architecture for memory forensics frameworks
Memory forensics is now a standard component of digital forensic investigations and incident response handling, since memory…
SANS Published New Memory Forensics Analysis Poster
Good news from SANS – they have published NEW Memory Forensics Analysis Poster! You can get your digital copy of …
