makhno (@m4khno_)'s Twitter Profile
makhno

@m4khno_

Security enthusiast, old papy CTF player and eternal n00b for @Beers4Flags, #forensic & #DFIR addict. I like pcap, logs and dump memory analysis

ID: 976017171141808128

20-03-2018 08:46:41

1.1K Tweets

822 Followers

263 Following

Catarina de Faria (@c_defaria):

As part of the research my colleagues and I presented at #DFIREurope23 🇨🇿 (github.com/WithSecureLabs…), I updated Chainsaw. It is now capable of analysing SRUM databases and providing new forensic insights 💡(see github.com/WithSecureLabs…) #chainsaw #dfir #SRUM #WithSecure #SANS

Mari Degrazia (@maridegrazia):

I have a new blog post up detailing per app registry hives for analysis in #DFIR investigations related to MSIX Registry Redirection. These hives can contain additional information that may not be found in other locations. ZeroFox SANS DFIR zerofox.com/blog/the-regis…

k1nd0ne (@k1nd0ne):

Time to make volatility 3 compatible with modern Windows hibernation file analysis. Blog post: forensicxlab.com/posts/hibernat… Feature: tinyurl.com/5n8u4nr9 Special thanks to Chad Tilbury who gave me the motivation and Joe Sylve 🐘 @[email protected], Vico Marziale, Golden G. Richard III for the incredible work

Mattia Epifani (@mattiaep):

iOS 15 Image Forensics Analysis and Tools Comparison - Native Apps blog.digital-forensics.it/2023/10/ios-15… #DFIR #mobileforensics

k1nd0ne (@k1nd0ne):

MFT records and therefore alternate data streams (ADS) can be carved from a memory image. Here is a volatility 3 plugin added to mftscan in order to extract ADS: Look for downloaded files via Zone.Identifier and potential malicious code! Blog Post: forensicxlab.com/posts/volads/

k1nd0ne (@k1nd0ne):

Analysis of the Import Address Table of a process in memory can be useful when performing Digital Forensic and Reverse Malware Engineering. Here is a volatility 3 plugin to extract the IAT. Merry Christmas! Blog Post: forensicxlab.com/posts/voliat/

Root-Me (@rootme_org):

For Christmas 2023, Root-Me has decided to thank its favorite hackers! 🥳
Two prize packages including XXL mouse pads, mugs, stickers, flags, and pins are up for grabs! 🎁

To participate, it's as simple as:

- Follow Root-Me
- RT 🔃 this post
- Being verified on the

Clandestine (@akaclandestine):

#tools #Blue_Team_Techniques
1. Sigma rules for Linux and MacOS: blog.virustotal.com/2023/12/sigma-…
2. The multi-platform memory acquisition tool
   - Win7-10: github.com/Velocidex/WinP…
   - Linux x64: github.com/Velocidex/Linp…

HackGit (@hack_git):

forensictools A toolkit designed for digital #forensics, offering a wide array of tools. Its primary goal is to simplify the creation of a virtual environment for conducting forensic examinations. github.com/cristianzsh/fo… #cybersecurity #infosec

Mayfly (@m4yfly):

New lab 🏰 for the GOAD project 🥳: SCCM
You can now test the SCCM/MECM attacks locally on Virtualbox or Vmware.

More information here: mayfly277.github.io/posts/SCCM-LAB…

Repository here: github.com/Orange-Cyberde…

Thx again Kenji Endo for your help building this!

k1nd0ne (@k1nd0ne):

Exciting news: VolWeb 2.0 is out! This digital forensics memory analysis platform leverages the capabilities of volatility 3 framework. With significant enhancements, it now offers improved flexibility and scalability! github.com/k1nd0ne/VolWeb. 1/8

Olivier Tesquet (@oliviertesquet):

Last November, Disclose revealed the illegal use of facial recognition software by the police. Darmanin promised an independent inquiry, with its conclusions to be made public within three months. Since then, radio silence. disclose.ngo/fr/article/rec…

L'Humanité (@humanite_fr):

Today, we revealed billionaire Pierre-Edouard Stérin's confidential "150 million euro" project to help the RN win. Our journalist Thomas Lemahieu explains the story. Our revelations ➡️ l.humanite.fr/A4Y