Tag Archives: ir
Dumping Dropbox…
I’m deleting my Dropbox account in favor of Jungle Disk. First, the fact that Dropbox is able to view my plaintext data if I don’t encrypt it before uploading (with TrueCrypt, etc.) worries me. Second, there was a local exploit … Continue reading
Free FEMA National Incident Mgmt System (NIMS) online training courses
The Federal Emergency Management Agency, which did the wonderful job with Hurricane Katrina and whose ex-director now admits he should have asked for help earlier, offers some great online courses. The courses I noticed are around the Incident Command System (ICS) … Continue reading
Computer Forensics practice
You’ve just finished receiving digital forensics training or acquired a new tool (FTK, EnCase, Sleuth). Now what? You’re waiting for some real cases to crack. In the meantime, over on the SANS Forensics blog, Ken Pryor has posted an excellent … Continue reading
REMnux: Distro for Reversers
Lenny Zeltser, SANS Instructor, has released a customized distribution targeted at malware reverse engineers. From the REMnux page: REMnux is designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis. As … Continue reading
win32 memory capture & analysis cheat sheet
A high-level overview of performing live memory capture and analysis:
- capture memory via MoonSols' win32dd
- parse the memory snapshot with Mandiant's Memoryze
- analyze the results via Audit Viewer
- or analyze using the Volatility Framework — neatly packaged in the SANS SIFT Workstation
(Tool) FireShark: Aid for web incident response
The tool of the day is FireShark, a free web analysis tool. This is great to have in your toolbox for IR. FireShark will generate a mind map of a given webpage — think of it as being a graphical representation … Continue reading