Category Archives: forensics
Computer Forensics practice
You’ve just finished receiving digital forensics training or acquired a new tool (FTK, EnCase, Sleuth). Now what? You’re waiting for some real cases to crack. In the meantime, over on the SANS Forensics blog, Ken Pryor has posted an excellent … Continue reading
REMnux: Distro for Reversers
Lenny Zeltser, SANS Instructor, has released a customized distribution targeted at malware reverse engineers. From the REMnux page: REMnux is designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis. As … Continue reading
win32 memory capture & analysis cheat sheet
A high-level overview of performing live memory captures and analysis:
- capture memory via MoonSols’ win32dd
- parse the memory snapshot with Mandiant’s Memoryze
- analyze the results via Audit Viewer
- or analyze using the Volatility framework, neatly packaged in the SANS SIFT Workstation
(Tool) FireShark: Aid for web incident response
The tool of the day is FireShark, a free web analysis tool. This is great to have in your toolbox for IR. FireShark will generate a mind map of a given webpage — think of it being a graphical representation … Continue reading
Forensics on Amazon’s Kindle
I recently stumbled upon two great blog posts regarding Kindle forensics. Eric Huber’s ‘A Fistful of Dongles’ blog has some interesting initial analysis on imaging the Kindle and key artifacts to zone in on. Part 1: A Cursory Look at … Continue reading
Analyzing Malicious PDF Documents
So you want to get your feet wet?
- Grab Didier Stevens’ tools here: http://blog.didierstevens.com/programs/pdf-tools/
- Grab malicious PDF samples here: http://www.malwaredomainlist.com/mdl.php?search=pdf+exploit&colsearch=All&quantity=50 (*Be careful, these are live samples!)
- Video tutorial: Didier on analyzing a PDF document: http://www.youtube.com/v/tHVi2wKCkTc
You’re going to run into … Continue reading
Posted in forensics, malware, news, security
Tagged javascript, malware, pdf, re, tools
GPS Forensics & Google Earth
I previously wrote about online GPS Forensic references and wanted to put them to use. I had a suspicion that my girlfriend has been seeing another man. When she was at work I grabbed her GPS (Garmin Nuvi 205) and … Continue reading
Posted in forensics
Windows Anti Forensics Tip of the Day…
I previously wrote about how to have your system automatically clear the pagefile before a reboot or shutdown. There are a couple of other steps I recommend you take on your system… Automatically permanently delete (Nuke on Delete) - Normally Delete sends files … Continue reading
Posted in forensics, microsoft
GPS Forensics
There’s a new GPS forensics community starting up here: http://www.gpsforensics.org/ Some additional information can be found here: http://www.forensicswiki.org/wiki/GPS I’m going to examine my Garmin 200W this evening. It looks like a simple text editor will reveal raw trip data including … Continue reading
Adobe Flash control panel
I previously wrote about Flash cookies which many folks are not aware of. Well, I’ve just stumbled across a great article which describes how to manage your Flash cookies and other settings. The “control panel” is located on Adobe’s website: … Continue reading