Week 30 – 2024

Chris Ray at Cyber Triage DFIR Breakdown: Using Certutil To Download Attack Tools 0xdf hacks stuff HTB Sherlock: Tracer HTB Sherlock: Campfire-2 Baris Dincer Forensic Investigation Operations — Complex Linux Forensics Analysis Forensic Investigation Operations — Windows Base III Belkasoft Android System Artifacts: Forensic Analysis of Application Usage Digital Forensics Myanmar Digital Forensics with Myanmar Language PDF (View Or Download) eCDFP […]

Week 29 – 2024

Adam Messer Cloud Digital Forensics and Incident Response — EC2 Compromise Leads to S3 Bucket Exfiltration Baris Dincer Forensic Investigation Operations — Windows Base I Forensic Investigation Operations — Windows Base II Belkasoft Challenges in Digital Forensics: The Case of the Trump Rally Shooter’s Phone Digital Forensics Myanmar eCDFP (Module-6) (Window Forensics) (Part – 2 ) eCDFP (Module-6) (Window Forensics) (Part – 3 […]

Week 28 – 2024

Atola Technologies Need for Speed: How to Get a Forensic Image Quicker? Clint Marsden at DFIR Insights Exploring Host-Based Digital Forensics with Memory Analysis The role of Incident Response in Cyber Security Introduction to Digital Forensics: Preparing for the Unexpected with Volatility, Wireshark, Hayabusa and FTK Imager Cyber 5W Google Drive Forensics Digital Forensics Myanmar Thumbnail Or […]

Week 27 – 2024

Cyber 5W Windows Registry Analysis Decrypting a Defense NYC ShotSpotter Report, Deepfakes, Video ID Decision, Digital Evidence Standards, & More Django Faiola at ‘Appunti di Informatica Forense’ iOS Booking.com – Hotels & Travel Forensafe Investigating Android Google Drive Ian Whiffin at DoubleBlak BrowserState.db last_viewed_time? (Again) Memory Forensic Memory Mystery Challenge Francis Guibernau at AttackIQ Emulating the Sabotage-Focused Russian Adversary Sandworm – Part 2 […]

Week 26 – 2024

0xdf hacks stuff HTB Sherlock: Campfire-1 Any.Run Phishing Incident Report: Facts and Timeline Analysis of the Phishing Campaign: Behind the Incident AT&T Cybersecurity Business Email Compromise (BEC): Tracking a Threat Actor’s Funny Business Memory Dump Analysis: Using LiME for Acquisition and Volatility for Initial Setup Dr. Giannis Tziakouris and Nadhem Al-Fardan at Cisco Digital Forensics for Investigating […]

Week 25 – 2024

Cesar Quezada at Hexordia FSEvents: How They Work and Why They Matter for Mac Analysis Forensafe Investigating Android Device Health Services Neetrox at InfoSec Write-ups Analyzing a Phishing Email Header Inginformatico Triage / Incident Response tools for Linux Justin De Luna at ‘The DFIR Spot’ Windows Defender MP Logs – A Story of Artifacts N00b_H@ck3r LetsDefend: Discord Forensics Oliver Hartshorn and […]

Week 24 – 2024

0xdf hacks stuff HTB Sherlock: Noted Atola Technology File Carving and Sector-Level Analysis Campaign and public sector information security Sysmon-Help an investigator out! Craig Ball at ‘Ball in your Court’ Garden Variety: Byte Fed. v. Lux Vending Cyber 5W Windows Event Logs Analysis Dhiren Bhardwaj at Digital Forensic Forest Investigating a Data Exfiltration Scenario Transforming Python scripts into .exe – […]

Week 23 – 2024

Zach Stanford, Yogesh Khatri, and Phill Moore at CyberCX Forensic Applications of Microsoft Recall 0xdf hacks stuff HTB Sherlock: Constellation Adan Alvarez Automating Incident Response in AWS: Blocking a Compromised Identity Center User Alex Teixeira Data Science & Exploratory Data Analysis: the Panda versus the Pony! Brett Shavers The Multiverse of a DFIR Case Bret at Cyber Gladius Incident Response Plan: […]

Week 22 – 2024

0xdf hacks stuff HTB Sherlock: Nubilum-1 Amged Wageh DriveFS Sleuth — Recovery Made Possible! Chris Ray at Cyber Triage DFIR Breakdown: Kerberoasting Dark Data Discovery The 10 Common Data Carving Approaches Forensafe Investigating Android Waze Forensic Science International: Digital Investigation Volume 49 Haircutfish TryHackMe Room — Logstash: Data Processing Unit Kevin Beaumont at DoublePulsar Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC […]

Week 21 – 2024

0xdf hacks stuff HTB Sherlock: Bumblebee Alexis Brignoni at ‘Initialization Vectors’ Full File System extractions in Zip – MAC times Marco Fontani at Amped Detecting AI-generated Images Obtained with Text-to-image Models in Amped Authenticate Belkasoft Android System Artifacts: Forensic Analysis of Device Information and Usage Cyber 5W “Email Forensics” Cyber Triage Collecting Linux DFIR Artifacts with UAC Dr. Neal Krawetz at […]