Forense nella Nebbia
Sunday, February 21, 2021
Building a Linux profile for Volatility 2 and 3
I needed to analyze a memory dump with Volatility 2/3. These are the steps I followed to build a Linux profile based on Red Hat Enterprise L...
Friday, December 4, 2020
Let's combine EvtxEcmd with LogonTracer
This blog post aims to show how to combine EvtxECmd (v0.6.0.3) with LogonTracer (v1.5.0) during the analysis of Windows Event Log events. ...
Thursday, April 11, 2019
Nest camera app (DFRWS2018 Challenge)
Last February, I started playing the DFRWS 2018 challenge: http://dfrws.org/dfrws-forensic-challenge https://github.com/dfrws/dfrws2018-...
Sunday, January 27, 2019
Using small details to add additional context to other artifacts
This is a quick post on some files that could add additional context to other artifacts. VLC media player (tested version: 3.0.5 / 3.0.6) ...
Thursday, December 6, 2018
What was my IP? Ask DoSvc on Windows 10
Introduction I recently watched the recording of the interesting talk Windows Forensics: Event Trace Logs that Nicole Ibrahim gave at...