Analysis
Hideaki Ihara on log files
Oleg Afonin on Apple Pay — Analysing Apple Pay Transactions
Computer Forensics
https://kirjuri.kurittu.org/demo/index.php
https://github.com/AnttiKurittu/kirjuri
https://www.intaforensics.com/lima/
DVR Examiner
Amped FIVE
Elecard
UFED 4PC (with CHINEX, UFED Camera Kit)
Cellebrite UFED Touch
Oxygen Forensics DETECTIVE
XRY
Elcomsoft Mobile Forensic Bundle
UFED Cloud Analyzer
Oxygen Forensics DETECTIVE
Elcomsoft Cloud eXplorer
Easy Z3x JTAG BOX
Octoplus Box
Samsung anyway S101
PC-3000 Express Professional System (Acelab)
Data Extractor Express (Acelab)
PC-3000 Flash (Acelab)
Forensics Quickie: Methodology for Identifying Linux ext4 Timestamp Values in debugfs `stat` Command
Cloud Forensics in Breach Investigations
Anatomy of the thread suspension mechanism in Windows
Hasty Scripts: Capture Google Activity Log
Forensic Implications of Software Updates: iOS, Android, Windows 10 Mobile
Forensic Case Files: Employee Hard Drive Switcheroo
Memory Forensics Investigation using Volatility (Part 1)
SMB2 – File/Directory Metadata
Quickpost: Data Exfiltration With Tor Browser And Domain Fronting
Yet another way to hide from Sysinternals’ tools, part 1.5
Leveraging Emond on macOS For Persistence
We Smell a RAT: Detecting a Remote Access Trojan That Snuck Past a User
Hunting for Network Share Recon
Threat Spotlight: LockPOS Point of Sale Malware
New Year, New Look – Dridex via Compromised FTP
What can you do with 250K sandbox reports?
Interpreting Antivirus Detection Names
RIG Exploit Kit Delivers Ramnit Banking Trojan via Seamless Malvertising Campaign
A coin miner with a “Heaven’s Gate”
Huge Botnet Attacking Italian Companies
Decrypting malicious PDFs with the key, (Mon, Jan 15th)
Skygofree: Following in the footsteps of HackingTeam
Unpatched Oracle WebLogic Servers Infected with Cryptocurrency Software
The Big Zeus Family Similarity Showdown
Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign
Let’s Learn: Dissect Rig Exploit Kit Anti-Bot Filter Gate
LaZagne, a credentials recovery tool
Blockchain and Digital Forensics
Improved PRNU-Based Forgery Localization
The Power of Bro and why you should include it in your security infrastructure
Malware Data Science: Attack Detection and Attribution
Portable Dynamic Malware Analysis with an Improved Scalability and Automatisation
Growth in a Small Forensics Company – Our First Employee
Mobile forensic case study: Tennessee Dept. of Correction
from thisweekin4n6
Recovering deleted internet history from System Restore points
Windows Console Command History: Valuable Evidence for Live Response Investigation
iOS Imaging on the Cheap! – Part Deux! (for iOS 10 & 11)
Forensically Collecting Emails — 5 Things to Know
Evidence acquisition workflow in 5 steps
Defending Against an Advanced Persistent Threat (APT)
8 Steps to Start Threat Hunting
How Cyberbit Researchers Discovered a New Silent LockPoS Malware Injection Technique
Industrial Control Threat Intelligence
Using MISP to share vulnerability information efficiently
Sysmon-modular (GitHub)
Digital Forensic Analysis of Amazon Linux EC2 Instances
Threat Hunting for Internal RDP Brute Force Attempts
The Industrial Revolution of Lateral Movement
Unpacking Pykspa Malware With Python and IDA Pro – Subscriber Request Part 1
Memory Forensics Sodium Pentothal for Your Security
Microsoft Office DDE Detection
‘RubyMiner’ Cryptominer Affects 30% of WW Networks
Coin Mining By Opportunistic And Automated Threats
When Scriptlets Attack: The Moniker
CSE Malware ZLab – Double Process Hollowing – The stealth process injection of the new Ursnif malware
Reputations and PCI Data Breaches
How to mount Mac APFS images in Windows
Mounting an APFS image in Linux
Volatility plugin to extract BitLocker Full Volume Encryption Keys
A List of Incident Response sources
Mobile Forensic Process: Steps and Types
Safari Plugin Forensics – com.apple.Safari.plist
Practical Exercise – Image Carving
Automating the detection of Mimikatz with ELK
Working With Sysmon Configurations Like a Pro Through Better Tooling
Setting your Threat Hunting Calendar for 2018
Statistical Methods for Analyzing Event Time-Series Data in Digital Forensics
Malware Analysis – Unpack and Decompile Python-to-Exe Malware
Lab Setup – Setting up Python, Pip and Uncompyle6
New Python-Based Crypto-Miner Botnet Flying Under the Radar
How keyloggers work: a simple example of keyboard hooking using Python
Magnet Forensics in 2017 – A Look Back by the Numbers
iCloud Drive can strip (meta)data from your documents
New research in computer forensics
Adventures in Laptop Forensics
Another OSX.Dok dropper found installing new backdoor
Snake malware ported from Windows to Mac
Super Free Music Player in Google Play is malware: a technical analysis
Police Backlogs—Is Throwing Bodies at the Problem the Answer?
Practical Packet Analysis Photo Contest