A list of #DFIR tools and their uses in a forensics investigation ow.ly/QzXd30pNdaJ

Some TRICKBOT TTPs I've recently gathered. What happens post infection? Hope this post helps provide insight into these activities and to build further detections and preventions! 1️⃣EMPIRE 2️⃣POWERSPLOIT 3️⃣MIMIKATZ 4️⃣COBALT-STRIKE 5️⃣BLOODHOUND #DFIR sneakymonkey.net/2019/10/29/tri…

Pleased to announce that we have published Kuiper a digital investigation platform. It is designed to aid investigators in the analysis of a wide range of windows artifacts with an emphasis on performance, collaboration and alerting. bit.ly/2PB203e #dfir

تم بحمد الله برمجة كايبر الذي يهدف الى مساعد التحليل الجنائي الالكتروني. من اهم مزاياه مساعدة المحللين على تحليل الأدلة الرقمية المتعلقة بنظام التشغيل ويندوز بالتركيز على الاداء و العمل الجماعي وايضا التنبيهات وهناك المزيد ..github.com/DFIRKuiper/Kui…

#DFIR Pleased to announce that we have published Kuiper a digital investigation platform. It is designed to aid investigators in the analysis of a wide range of windows artifacts with an emphasis on performance, collaboration and alerting. github.com/DFIRKuiper/Kui…

Kuiper a digital investigation platform that provides a capabilities for the investigation team and individuals to parse, search, visualize collected evidences by Saleh Muhaysin 🇸🇦 🐪Muteb Abdullah Alrasheed #DFIR github.com/DFIRKuiper/Kui…

#DFIR #Kuiper #informationsecurity Dears, are you looking for Kuiper's Wiki, how to add new parsers to Kuiper, or configure Kuiper for your environment, visit Kuiper's Wiki here github.com/DFIRKuiper/Kui…

من هم حماية هات؟ Hemaya HAT

In response to the coronavirus outbreak, SANS has made public a massive Work-From-Home Deployment Kit, full of info to keep your organization and employees safe and #secure while working virtually. Download your kit here: sans.org/u/10Zu #WFH

Awesome collection of yara rules github.com/Yara-Rules/rul… And much more 💎

New Rhaegal Update to improve the usability and detection. #DFIR #CyberSecurity #BlueTeam Rhaegal Rules Added: * Added a new rule set for "lateral movements" * Added more malicious rules to the current library. * Fix some false positive on some rules.

Hello everyone ✋ I wrote a blog post about the certutil artifacts when used to download a file from the internet in addition to my analysis to the metadata file structure. You can find it here u0041.co/blog/post/3 #DFIR #BlueTeam

How threat actors can leverage the web server to Exfiltrate data? I wrote an article describe how APT groups can exfiltrate data using the virtual directory and how to detect and Mitigate this technique #DFIR #SOC #BlueTeam #threathunting #CyberSecurity medium.com/@Bandar./exfil…

رؤيتنا، رسالتنا، أهدافنا... في #سايت

Thanks AbdulRhman Alfaifi 🇸🇦 for contributing to the #rustlang libtsk bindings! If you don't know who he is, check out his cool work here: github.com/AbdulRhmanAlfa… #DFIR

#DFIR #DFIRKuiper #IncidentResponse #Security #CyberSecurityNews Pleased to announce the new release of Kuiper 2.0.10 🥳 with new awosome features, LDAPs authentication, Ngnix, more parsers (now has 65 parsers), support memory dump. and many bug fixes... github.com/DFIRKuiper/Kui…

Analyst report for IR cases from 2020 is available github.com/klsecservices/… #DFIR #incidentresponse #threathunting

It will be our pleasure at Kaspersky to have you during our webinar today where I will be discussing last year’s DFIR report and some of special cases we worked on. Join here: lnkd.in/dThPwWqj #digitalforensics #cybersecurity #incidentresponse #dfir #webinar #kaspersky

#CyberSecurity #DFIR #Docker #OpenSource #Github #DFIRKuiper version 2.3.0 released with new awesome features for DFIR teams 🥳 Check the ChangeLog github.com/DFIRKuiper/Kui… Continue...