- All open source security tools I have collected: sec-tool-list: more than 18K entries, in both Markdown and JSON format.
- Reverse Engineering Resources: awesome-reverse-engineering: IDA/Ghidra/x64dbg/OllyDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/Qemu/AndroidSecurity/iOSSecurity/WindowsSecurity/LinuxSecurity/GameHacking/Bootkit/Rootkit/Angr/Shellcode/ProcessInjection/CodeInjection/DLLInjection/WSL/Sysmon/…
- Network Related Resources: awesome-network-stuff: Proxy/GFW/ReverseProxy/Tunnel/VPN/Tor/I2P, and MiTM/PortKnocking/NetworkSniff/NetworkAnalysis/etc.
- Offensive Security Resources: awesome-cyber-security: Vulnerability/Pentest/IoTSecurity/DataExfiltration/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/AntiVirus/CobaltStrike/Recon/OSINT/SocialEngineeringAttack/Password/Credential/ThreatHunting/Payload/WifiHacking/PostExploitation/PrivilegeEscalation/UACBypass/…
- Open source RATs and malicious RAT analysis reports: awesome-rat: RATs for all platforms (Windows/Linux/macOS/Android) and malicious RAT analysis reports.
- Webshell Resource Collection: awesome-webshell: almost 150 open source tools and 200 blog posts about webshells.
- Forensics Resource Collection: awesome-forensics: almost 300 open source forensics tools and 600 blog posts about forensics.
Forensics
Directory
Recently Added
- 2019.12 [sans] HSTS For Forensics: You Can Run, But You Can’t Use HTTP
- 2019.12 [eforensicsmag] 6 Threat Intelligence Sources That Will Help Enhance Digital Forensics Readiness | By Jonathan Zhang
- 2019.12 [mac4n6] New(ish) Presentation: Poking the Bear - Teasing out Apple’s Secrets through Dynamic Forensic Testing and Analysis
- 2019.12 [4hou] Overview of the Mobile Device Digital Forensics Process (Part 2)
- 2019.12 [4hou] Overview of the Mobile Device Digital Forensics Process (Part 1)
- 2019.11 [freebuf] DFIRTriage: a digital forensics tool for Windows incident response
- 2019.11 [freebuf] LogonTracer: a forensic tool for Windows security event logs
- 2019.11 [compass] Challenging Your Forensic Readiness with an Application-Level Ransomware Attack
- 2019.11 [freebuf] AutoMacTC: an automated forensic triage collector for macOS environments
- 2019.11 [eforensicsmag] CRYPTO & DATA ERASURE: After forensic analysis drives should be securely wiped | By Paul Katzoff
- 2019.10 [eforensicsmag] Encrypted file system forensics - Introduction (EXT4) [FREE COURSE CONTENT]
- 2019.10 [4hou] General methods for iPhone forensics
- 2019.10 [Cooper] Beyond Windows Forensics With Built-in Microsoft Tooling - Thomas Fischer
- 2019.10 [Cooper] Memory Forensics Analysis Of Cisco IOS XR 32 Bits Routers With ‘Amnesic-Sherpa’ - Solal Jacob
- 2019.10 [4hou] How to reproduce macOS forensic techniques on Windows
- 2019.10 [HackersOnBoard] Lessons from Virginia - A Comparative Forensic Analysis of WinVote Voting Machine
- 2019.10 [HackersOnBoard] Black Hat USA 2016 Memory Forensics Using Virtual Machine Introspection for Cloud Computing
- 2019.10 [elcomsoft] Installing and using iOS Forensic Toolkit on macOS 10.15 Catalina
- 2019.09 [mac4n6] Just Call Me Buffy the Proto Slayer – An Initial Look into Protobuf Data in Mac and iOS Forensics
- 2019.09 [venus] RDP logon log forensics and clearing
- 2019.09 [freebuf] Usbrip: a simple CLI forensics tool for tracking USB device firmware
- 2019.09 [PositiveTechnologies] Forensics: why there are no perfect crimes
- 2019.09 [sans] Strengthen Your Investigatory Powers by Taking the New FOR498: Battlefield Forensics & Data Acquisition Course from SANS
- 2019.09 [4hou] What is digital forensics? How to get a foothold in this hot field
- 2019.09 [4hou] Remote forensics with osquery
- 2019.09 [elcomsoft] Apple TV Forensics 03: Analysis
- 2019.09 [securelayer7] CAN Bus protocol Penetration testing and forensics
- 2019.09 [hackers] Network Forensics, Part 3: tcpdump for Network Analysis
- 2019.09 [freebuf] A brief discussion of digital forensics techniques
- 2019.09 [diablohorn] Notes on ZFS / Solaris forensics
- 2019.08 [THER] [tool] Network Forensics with Tshark
- 2019.08 [elcomsoft] Passcode vs. Biometrics: Forensic Implications of Touch ID and Face ID in iOS 12
- 2019.08 [hackers] Digital Forensics, Part 11: Recovering Stored Passwords from the Browser
- 2019.08 [freebuf] MIG: a powerful, high-speed, distributed real-time data forensics tool
- 2019.08 [freebuf] A forensic tool for monitoring USB device connection events
- 2019.08 [0x00sec] CAN-bus protocol pentesting and forensics
- 2019.08 [4hou] Ever wondered whether mobile device forensic methods can be applied directly to desktop computers?
- 2019.08 [mac4n6] New Presentation from SANS DFIR Summit 2019 - They See Us Rollin’, They Hatin’ - Forensics of iOS CarPlay and Android Auto
- 2019.08 [X13Cubed] NTFS Journal Forensics
- 2019.08 [MastersInEthicalHacking] Computer Forensic Tutorials || Install Dumpzilla on Kali Linux
- 2019.07 [elcomsoft] Extended Mobile Forensics: Analyzing Desktop Computers
- 2019.07 [eforensicsmag] Mounting forensic images using losetup cli [FREE COURSE CONTENT]
- 2019.07 [elcomsoft] iOS 13 (Beta) Forensics
- 2019.07 [infosecinstitute] Getting started in digital forensics
- 2019.07 [4hou] Guide to iOS jailbreaking and physical forensics
- 2019.07 [4hou] Forensic analysis of the Apple Watch (continued)
- 2019.07 [eforensicsmag] Case Study: Extracting And Analyzing Messenger Data With Oxygen Forensic Detective | By Nikola Novak
- 2019.07 [andreafortuna] How to convert a Windows SFS (Dynamic Disks) partition to regular partition for forensic analysis
- 2019.07 [4hou] Forensic analysis of Apple TV and Apple Watch
- 2019.07 [arxiv] [1907.01421] Methodology for the Automated Metadata-Based Classification of Incriminating Digital Forensic Artefacts
- 2019.06 [arxiv] [1907.00074] Forensic Analysis of Third Party Location Applications in Android and iOS
- 2019.06 [elcomsoft] Apple Watch Forensics 02: Analysis
- 2019.06 [hackers] Network Forensics, Part 2: Packet-Level Analysis of the NSA’s EternalBlue Exploit
- 2019.06 [elcomsoft] Apple TV and Apple Watch Forensics 01: Acquisition
- 2019.06 [eforensicsmag] Forensic Analysis of OpenVPN on iOS | By Jack Farley
- 2019.06 [mac4n6] New Presentation from MacDevOpsYVR 2019 - Launching APOLLO: Creating a Simple Tool for Advanced Forensic Analysis
- 2019.06 [eforensicsmag] Forensic Acquisitions over Netcat | By Ali Hadi
- 2019.06 [arxiv] [1906.10625] Antiforensic techniques deployed by custom developed malware in evading anti-virus detection
- 2019.06 [h2hconference] Memory anti-anti-forensics in a nutshell - Fuschini & Rodrigues - H2HC 2013
- 2019.06 [elcomsoft] Forensic Implications of iOS Jailbreaking
- 2019.06 [arxiv] [1906.05268] Differential Imaging Forensics
- 2019.06 [eforensicsmag] My Digital Forensic Career Pathway | By Patrick Doody
- 2019.05 [trailofbits] Using osquery for remote forensics
- 2019.05 [freebuf] CyberScan: a penetration testing tool for packet forensics
- 2019.05 [HackEXPlorer] Digital Photo Forensics: How To analyze Fake Photos
- 2019.05 [eforensicsmag] “Most people neglect scrutinizing the basics” - Interview with Divya Lakshmanan, eForensics Instructor
- 2019.05 [andreafortuna] How to read Windows Hibernation file (hiberfil.sys) to extract forensic data?
- 2019.05 [MastersInEthicalHacking] Computer Memory Forensic Tutorial
- 2019.05 [360] Post-competition review of the 2019 虎鲸杯 digital forensics competition
- 2019.05 [eforensicsmag] BLAZESCAN – digital forensic open source tool | By Brian Laskowski
- 2019.04 [X13Cubed] Free Tools From Magnet Forensics
- 2019.04 [4hou] Forensic analysis of remote physical memory with LeechAgent
- 2019.04 [freebuf] Imago-Forensics: an image digital forensics tool written in Python
- 2019.04 [andreafortuna] How to extract forensic artifacts from pagefile.sys?
- 2019.04 [scrtinsomnihack] Dear Blue Team: Forensics Advice to Supercharge your DFIR capabilities by Joe Gray (@c_3pjoe)
- 2019.04 [eforensicsmag] Instagram Forensics - Windows App Store | By Justin Boncaldo
- 2019.04 [arxiv] [1904.01725] Using Google Analytics to Support Cybersecurity Forensics
- 2019.03 [aliyun] Compromised Server: a forensics challenge
- 2019.03 [4hou] Windows registry forensic analysis
- 2019.03 [arxiv] [1903.10770] Blockchain Solutions for Forensic Evidence Preservation in IoT Environments
- 2019.03 [compass] Windows Forensics with Plaso
- 2019.03 [checkpoint] Check Point Forensic Files: A New Monero CryptoMiner Campaign | Check Point Software Blog
- 2019.03 [arxiv] [1903.07703] A Survey of Electromagnetic Side-Channel Attacks and Discussion on their Case-Progressing Potential for Digital Forensics
- 2019.03 [hexacorn] PE Compilation Timestamps vs. forensics
- 2019.03 [0x00sec] A forensics repo?
- 2019.03 [crowdstrike] AutoMacTC: Automating Mac Forensic Triage
- 2019.03 [securityartwork] Exchange forensics: The mysterious case of ghost mail (IV)
- 2019.03 [arxiv] [1904.00734] Forensics Analysis of Xbox One Game Console
- 2019.03 [ironcastle] Special Webcast: SOF-ELK(R): A Free, Scalable Analysis Platform for Forensic, Incident Response, and Security Operations – March 5, 2019 1:00pm US/Eastern
- 2019.03 [securityartwork] Exchange forensics: The mysterious case of ghost mail (III)
- 2019.03 [freebuf] Traffic forensics you may not have seen before
- 2019.03 [securityartwork] Exchange forensics: The mysterious case of ghost mail (II)
- 2019.03 [HackerSploit] Imago Forensics - Image Forensics Tutorial
- 2019.02 [freebuf] Forensic analysis of a malicious Raspberry Pi device
- 2019.02 An Introduction to Exploratory Data Analysis with Network Forensics
- 2019.02 [htbridge] How to Use an Audit Log to Practice WordPress Forensics
- 2019.02 [arxiv] [1903.03061] DIALOG: A framework for modeling, analysis and reuse of digital forensic knowledge
- 2019.02 [arxiv] [1903.01396] A complete formalized knowledge representation model for advanced digital forensics timeline analysis
- 2019.02 [bhconsulting] AWS Cloud: Proactive Security and Forensic Readiness – part 5
- 2019.02 [infosecinstitute] Popular Computer Forensics Top 21 Tools [Updated for 2019]
- 2019.02 [cybrary] The Cost to Learn Computer Forensics
- 2019.02 [cybrary] “Ok Google. What is Forensic Analysis?”
- 2019.02 [360] Extracting forensic script content from PowerShell memory
- 2019.02 [eforensicsmag] How EnCase Software has Been Used in Major Crime Cases (Plus how to use EnCase Forensic Imager Yourself) | By Brent Whitfield
- 2019.01 [4hou] Linux memory forensics: parsing user-space process heaps (Part 3)
- 2019.01 [4hou] Linux memory forensics: parsing user-space process heaps (Part 2)
- 2019.01 [cybrary] Computer Forensics Jobs: How to get a job, and what you should know
- 2019.01 [4hou] Linux memory forensics: parsing user-space process heaps (Part 1)
- 2019.01 [cybrary] Computer Forensics Jobs: Is it really that difficult to enter the field?
- 2019.01 [checkpoint] Check Point Forensic Files: GandCrab Returns with Friends (Trojans) | Check Point Software Blog
- 2019.01 [comae] Leveraging Microsoft Graph API for memory forensics
- 2019.01 [cybrary] Computer Forensics Jobs: Are there jobs available?
- 2019.01 [leeholmes] Extracting Forensic Script Content from PowerShell Process Dumps
- 2019.01 [freebuf] iOS forensics trick: exporting a complete SQLite database without data loss
- 2019.01 [freebuf] TorPCAP: Tor network forensic analysis techniques
- 2019.01 [360] Windows registry forensic analysis
- 2019.01 [freebuf] Android forensics: imaging the filesystem with ADB and DD
- 2019.01 [sans] Go Big with Bootcamp for Advanced Memory Forensics and Threat Detection
- 2019.01 [fireeye] Digging Up the Past: Windows Registry Forensics Revisited
- 2019.01 [sans] SANS FOR585 Q&A: Smartphone Forensics - Questions answered
- 2019.01 [redcanary] Our Automation Solution, Exec, Now Features Forensics, Human Approvals, and More
- 2019.01 [4hou] Summary of CTF forensics methods
- 2018.12 [hitbsecconf] #HITB2018DXB: Offensive Memory Forensics - Hugo Teso
- 2018.12 [4hou] Check Point forensic report: SandBlast Agent can detect fileless GandCrab
- 2018.12 [4hou] Summary of forensic issues related to Apple FSEvents
- 2018.12 [checkpoint] Check Point Forensic Files: Fileless GandCrab As Seen by SandBlast Agent | Check Point Software Blog
- 2018.12 [0x00sec] Anti-forensic and File-less Malware
- 2018.12 [sans] The new version of SOF-ELK is here. Download, turn on, and get going on forensics analysis.
- 2018.12 [eforensicsmag] (Not Quite) Snapchat Forensics | By Gary Hunter
- 2018.12 [andreafortuna] Android Forensics: imaging android filesystem using ADB and DD
- 2018.12 [CodeColorist] iOS forensics trick: pull databases w/o full backup
- 2018.11 [DEFCONConference] DEF CON 26 DATA DUPLICATION VILLAGE - Lior Kolnik - The Memory Remains Cold Drive Memory Forensics
- 2018.11 [volatility] Malware and Memory Forensics Training in 2019!
- 2018.11 [eforensicsmag] LOGICUBE INTRODUCES EDUCATIONAL VIDEO SERIES FOR ITS NEXT-GENERATION FORENSIC IMAGER, FALCON-NEO | from Logicube
- 2018.11 [mac4n6] Do it Live! Dynamic iOS Forensic Testing
- 2018.11 [arxiv] [1811.09239] Digital Forensics for IoT and WSNs
- 2018.11 [n0where] Extract Digital Evidences From Images: Imago-Forensics
- 2018.11 [andreafortuna] AutoTimeliner: automatically extract forensic timeline from memory dumps
- 2018.11 [freebuf] PcapXray: a powerful network forensics tool with a GUI
- 2018.11 [WildWestHackinFest] Six Sick Systems, One Hour: Investigate with Host Forensics
- 2018.11 [arxiv] [1811.01629] On the Transferability of Adversarial Examples Against CNN-Based Image Forensics
- 2018.11 [DEFCONConference] DEF CON 26 VOTING VILLAGE - Carsten Schurmann - A Comprehensive Forensic Analysis of WINVote Voting
- 2018.11 [arxiv] [1811.00701] Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset
- 2018.10 [hackers] Network Forensics: Wireshark Basics, Part 2
- 2018.10 [aliyun] picoCTF 2018 writeup: Forensics section
- 2018.10 [aliyun] Forensic analysis: finding traces of malicious program execution on Windows
- 2018.10 [mac4n6] Video Now Available - #DFIRFIT or BUST: A Forensic Exploration of iOS Health Data
- 2018.10 [insanitybit] Grapl: A Graph Platform for Detection, Forensics, and Incident Response
- 2018.10 [krypt3ia] Ryan S. Lin: Cyber Stalking, VPN’s and Digital Forensics
- 2018.10 [pediy] [Original] Forensic analysis: reverse engineering a server privilege escalation tool that enables remote connections on port 3389
- 2018.10 [malwarenailed] Live forensic collection and triage using CyLR, CDQR and Skadi
- 2018.10 [insinuator] Incident Analysis and Digital Forensics Summit 2018, 14th of November 2018
- 2018.10 [SSTecTutorials] USB Forensics - Find History of Connected USB | Data Stolen By USB?
- 2018.10 [elearnsecurity] Top 5 Skills for a Career in Digital Forensics
- 2018.10 [eforensicsmag] Threat Intelligence: Taking a Fresh Look at Digital Forensics Backlogs | By Jonathan Zhang
- 2018.10 [welivesecurity] How to find forensic computer tools for each incident
- 2018.10 [elcomsoft] iOS Forensics Training in Vienna: 17-19 Oct 2018
- 2018.10 [andreafortuna] Accessing Volume Shadow Copies within a forensic image
- 2018.09 [hackers] Network Forensics, Part 2: Detecting and Analyzing a SCADA DoS Attack
- 2018.09 [hackers] Network Forensics, Wireshark Basics, Part 1
- 2018.09 [4hou] How to perform cloud forensics on Apple devices
- 2018.09 [4hou] Under pressure or willingly? Apple will complete forensic cooperation with law enforcement before year end
- 2018.09 [eforensicsmag] Ethics and Forensics - Time To Take A Hard Look | By Marisa Dery
- 2018.09 [elcomsoft] Cloud Forensics: Why, What and How to Extract Evidence
- 2018.09 [arxiv] [1809.00745] IoTDots: A Digital Forensics Framework for Smart Environments
- 2018.09 [bhconsulting] AWS Cloud: Proactive Security and Forensic Readiness – part 4
- 2018.08 [freebuf] Hindsight: a browsing history forensics tool for Google Chrome/Chromium
- 2018.08 [arxiv] [1808.01196] Enabling Trust in Deep Learning Models: A Digital Forensics Case Study
- 2018.08 [eforensicsmag] Tracking Photo’s Geo-location with GPS EXIF DATA – Forensic Analysis | By Bala Ganesh
- 2018.07 [arxiv] [1807.10436] Emerging from The Cloud: A Bibliometric Analysis of Cloud Forensics Studies
- 2018.07 [arxiv] [1807.10438] Internet of Things Security and Forensics: Challenges and Opportunities
- 2018.07 [arxiv] [1807.10445] Greening Cloud-Enabled Big Data Storage Forensics: Syncany as a Case Study
- 2018.07 [arxiv] [1807.10359] B-CoC: A Blockchain-based Chain of Custody for Evidences Management in Digital Forensics
- 2018.07 [arxiv] [1807.10218] CloudMe Forensics: A Case of Big-Data Investigation
- 2018.07 [arxiv] [1807.10214] Cloud Storage Forensic: hubiC as a Case-Study
- 2018.07 [pentesttoolz] Hindsight – Internet History Forensics For Google Chrome/Chromium
- 2018.07 [arxiv] [1807.08264] Digital forensic investigation of two-way radio communication equipment and services
- 2018.07 [fireeye] Leveraging Intelligence with FireEye Network Forensics
- 2018.07 [NetflixTechBlog] Netflix SIRT releases Diffy: A Differencing Engine for Digital Forensics in the Cloud
- 2018.07 [Sebdraven] APT Sidewinder: Tricks powershell, Anti Forensics and execution side loading
- 2018.07 [eforensicsmag] Digital Forensics – Tracking & Target Locating .Jpegs via Metadata (Exif) | By Hector Barquero
- 2018.07 [4hou] Attackers stole certificates from Taiwanese tech companies for use in the Plead malware campaign
- 2018.07 [eforensicsmag] Network Forensics Village | By Alexander Kot
- 2018.07 [HACKADAY] DataGram - Forensic Locksmithing
- 2018.07 [pentesttoolz] Guasap – WhatsApp Forensic Tool
- 2018.07 [hackread] Top 7 Most Popular and Best Cyber Forensics Tools
- 2018.06 [SecPgh] Tactical, Practical, Digital Forensics - John Grim
- 2018.06 [freebuf] Notes on the forensic investigation of a compromised server
- 2018.06 [360] Enterprise APT attack forensics (Windows edition)
- 2018.06 [elcomsoft] iOS Forensic Toolkit 4.0 with Physical Keychain Extraction
- 2018.06 [countuponsecurity] Digital Forensics – PlugX and Artifacts left behind
- 2018.06 [pediy] [Translation] WhatsApp forensics: decrypting the encrypted database and extracting deleted messages on non-rooted Android devices
- 2018.06 [X13Cubed] RDP Event Log Forensics
- 2018.06 [mac4n6] Presentation - #DFIRFIT or BUST: A Forensic Exploration of iOS Health Data (SANS DFIR Summit)
- 2018.06 [0x00sec] Intro to Digital Forensics [Part 2 - Methodology and Process Models]
- 2018.06 [SecurityFest] Solomon Sonya - Advanced Memory Forensics NextGen Actionable Threat Intelligence - SecurityFest 2018
- 2018.06 [andreafortuna] Dumpzilla: a forensic tool to extract information from browsers based on Firefox
- 2018.06 [andreafortuna] Using MFT anomalies to spot suspicious files in forensic analysis
- 2018.05 [aliyun] [Forensic analysis] Installing GCC and compiling LiME on CentOS 5.5
- 2018.04 [freebuf] Memory forensics: finding traces of Metasploit's Meterpreter
- 2018.04 [360] How to track Metasploit Meterpreter using memory forensics
- 2018.03 [freebuf] How to perform forensic analysis of a corrupted SQLite database?
- 2018.03 [hackers] Digital Forensics, Part 10: Mobile Forensics (Android)
- 2018.03 [4hou] How to obtain network connection timestamps in a digital forensic investigation?
- 2018.03 [hackers] Digital Forensics, Part 5: Analyzing the Windows Registry for Evidence
- 2018.03 [360] WhatsApp forensics: how to decrypt the database on a non-rooted Android device
- 2018.03 [sec] Cybercrime investigation and electronic data forensics
- 2018.02 [hackers] Network Forensics, Part 1
- 2018.02 [freebuf] Even the iPhone X is not spared: an Israeli forensics company finds a way to unlock any iPhone
- 2018.02 [hackingarticles] Digital Forensics Investigation through OS Forensics (Part 3)
- 2018.02 [hackingarticles] Convert Virtual Machine to Raw Images for Forensics (Qemu-Img)
- 2018.01 [hackingarticles] Digital Forensics Investigation through OS Forensics (Part 2)
- 2018.01 [hackingarticles] Digital Forensics Investigation using OS Forensics (Part 1)
- 2018.01 [hackingarticles] Forensic Imaging through Encase Imager
- 2018.01 [hackingarticles] Forensic Investigation of Nmap Scan using Wireshark
- 2018.01 [boredhackerblog] Digital Forensics and Law
- 2018.01 [hackingarticles] Forensic Data Carving using Foremost
- 2018.01 [4hou] Digital forensics of cloud storage services (Part 2)
- 2018.01 [4hou] Digital forensics of cloud storage services (Part 1)
- 2018.01 [hackingarticles] Forensics Tools in Kali
- 2018.01 [hackingarticles] Network Packet Forensic using Wireshark
- 2017.12 [cert] GreHack 2017 – Write Up Forensic 400
- 2017.11 [freebuf] Unauthenticated remote RCE vulnerability in the well-known open source network forensics tool Xplico
- 2017.10 [freebuf] Anti-forensics techniques: process hiding in kernel mode
- 2017.10 [4hou] A hands-on exercise in memory forensic analysis
- 2017.10 [n0where] Wireless Monitoring, Intrusion Detection & Forensics: Nzyme
- 2017.09 [sans] Forensic use of mount --bind
- 2017.09 [360] PCRT: a forensic tool for automatically detecting and repairing corrupted PNG files
- 2017.09 [elcomsoft] New Security Measures in iOS 11 and Their Forensic Implications
- 2017.08 [freebuf] Detailed walkthrough of three memory forensics CTF challenges
- 2017.08 [aliyun] Threat hunting and proactive forensics
- 2017.08 [securelayer7] Memory Forensics & Reverse Engineering: Thick Client Penetration Testing – Part 4
- 2017.08 [freebuf] A detailed explanation of Windows registry analysis and forensics
- 2017.08 [pediy] [Translation] A guide to CTF forensics challenges
- 2017.07 [aliyun] [ISS 2017] Electronic data forensics, talk 1: Cybercrime, good versus evil: past, present and future
- 2017.07 [aliyun] [ISS 2017] Electronic data forensics, talk 2: Computer forensics, a science?
- 2017.07 [4hou] Black Hat 2017 highlight: DefPloreX, a machine-learning toolkit for large-scale cybercrime forensics
- 2017.07 [trendmicro] DefPloreX: A Machine-Learning Toolkit for Large-scale eCrime Forensics
- 2017.07 [securelist] Bitscout – The Free Remote Digital Forensics Tool Builder
- 2017.06 [360] Digital forensics techniques: the NTFS Change Journal
- 2017.06 [secist] 22 popular computer forensics tools
- 2017.06 [freebuf] 22 popular computer forensics tools
- 2017.06 [4hou] Tool recommendations: the 22 most popular computer forensics tools (2017 update)
- 2017.06 [nicoleibrahim] Apple FSEvents Forensics
- 2017.06 [freebuf] Practical computer intrusion forensics analysis based on Bro
- 2017.06 [n0where] Digital Forensics Platform: Autopsy
- 2017.05 [360] Linux forensics techniques in practice
- 2017.05 [countuponsecurity] Digital Forensics – NTFS Change Journal
- 2017.05 [freebuf] Practical applications of computer forensics in enterprise security
- 2017.04 [hackingarticles] Mobile Forensics Investigation using Cellebrite UFED
- 2017.04 [ionize] BSides Canberra 2017 CTF Writeup – Forensics – Capture This Challenge
- 2017.03 [4hou] Anti-forensics, cryptography, reverse engineering software... the 10 best cybersecurity subreddits are all here
- 2017.03 [freebuf] Digital forensics techniques: extracting information from Windows memory
- 2017.03 [csyssec] Celebrity lecture: advanced digital forensics and data reverse engineering
- 2017.01 [n0where] Open Source File System Digital Forensics: The Sleuth Kit
- 2017.01 [securestate] CTF Example – Forensics
- 2017.01 [welivesecurity] Forensic analysis techniques for digital imaging
- 2017.01 [freebuf] Born to protect privacy: the anti-forensics operating system kodachi
- 2017.01 [n0where] Secure Anti Forensic Anonymous Operating System: kodachi
- 2016.12 [lightless] SECCON 2016 forensics challenge writeup
- 2016.11 [hackers] Digital Forensics, Part 8: Live Analysis with sysinternals
- 2016.11 [hackers] Digital Forensics, Part 7: Browser Forensics
- 2016.11 [n0where] PowerShell Digital Forensics: PowerForensics
- 2016.11 [hackers] Digital Forensics, Part 6: Analyzing Windows Pre-fetch Files for Evidence
- 2016.10 [hackers] Digital Forensics, Part 4: Finding Key Evidence in the Forensic Image
- 2016.10 [hackers] Digital Forensics, Part 3: Recovering Deleted Files
- 2016.10 [hackers] Anti-Forensics: How to Clear Evidence Like Hillary Clinton
- 2016.09 [hackers] Digital Forensics, Part 2: Live Memory Acquisition and Analysis
- 2016.09 [sans] Back in Time Memory Forensics
- 2016.09 [hackers] Digital Forensics, Part 1: Capturing a Forensically Sound Image
- 2016.09 [sans] Windows Event Log for IR/Forensics, Part 2
- 2016.09 [n0where] Windows Forensic Data Collection: IR-rescue
- 2016.09 [sans] Windows Event Log for IR/Forensics, Part 1
- 2016.09 [n0where] Forensic File System Reconstruction: RecuperaBit
- 2016.08 [n0where] USB Anti Forensic Tool: usbdeath
- 2016.08 [rapid7] Using Log Data as Forensic Evidence
- 2016.08 [sans] Looking for the insider: Forensic Artifacts on iOS Messaging App
- 2016.08 [n0where] OS X Forensic Evidence Collection: OSXCollector
- 2016.07 [n0where] Incident Response Forensic Framework: nightHawk Response
- 2016.07 [n0where] Offline Digital Forensics Tool for Binary Files: ByteForce
- 2016.06 [hackers] Covering your BASH Shell Tracks - Anti-Forensics
- 2016.06 [rapid7] Trip Report: Techno Security & Forensics Investigations Conference
- 2016.06 [sans] Performing network forensics with Dshell. Part 2: Decoder development process
- 2016.05 [sans] Performing network forensics with Dshell. Part 1: Basic usage
- 2016.05 [n0where] Open Source Intelligence and Forensics: Maltego
- 2016.04 [sans] An Introduction to Mac memory forensics
- 2016.04 [n0where] Advanced Forensics File Format: AFF4
- 2016.03 [sans] Improving Bash Forensics Capabilities
- 2016.03 [sans] Forensicating Docker, Part 1
- 2016.03 [hackingarticles] Wifi Forensic Investigation using Wifihistoryview
- 2016.02 [freebuf] Forensic analysis of the DDoS attacks against Ireland
- 2016.02 [nsfocus] Strengthening investigation and forensics to build a solid threat intelligence foundation
- 2016.02 [360] Analysis and forensics of a new type of DDoS attack
- 2016.01 [freebuf] Joy: a tool for packet capture, network traffic data analysis, network forensics and security monitoring
- 2016.01 [freebuf] Analysis and forensics guide: recommended forensic tools
- 2016.01 [sans] toolsmith #112: Red vs Blue - PowerSploit vs PowerForensics
- 2015.12 [freebuf] Forensic analysis of Tinder, a hugely popular foreign dating app
- 2015.12 [freebuf] Xplico, an open source network forensics tool
- 2015.11 [secist] Investigative forensics: image restoration
- 2015.11 [secist] Investigative forensics: text restoration
- 2015.11 [n0where] Network Forensic Analysis Tool: Xplico
- 2015.11 [n0where] Digital Forensics Distro: CAINE
- 2015.11 [hackingarticles] Forensic Investigation of Any Mobile Phone with MOBILedit Forensic
- 2015.10 [hackingarticles] Android Mobile Device Forensics with Mobile Phone Examiner Plus
- 2015.10 [360] WMI attack, defense and forensic analysis techniques: the attack part
- 2015.10 [hackingarticles] How to Create a Forensic Image of Android Phone using Magnet Acquire
- 2015.10 [hackingarticles] Forensics Investigation of Android Phone using Andriller
- 2015.10 [hackingarticles] Logical Forensics of an Android Device using AFLogical
- 2015.10 [hackingarticles] SANTOKU Linux - Overview of Mobile Forensics Operating System
- 2015.10 [hackingarticles] Forensics Analysis of Pagefile and hibersys File in Physical Memory
- 2015.09 [hackingarticles] 4 ways to Capture Memory for Analysis (Memory Forensics)
- 2015.09 [hackingarticles] Forensic Investigation of RAW Image using Forensics Explorer (Part 1)
- 2015.09 [hackingarticles] Forensic Investigation Tutorial Using DEFT
- 2015.09 [freebuf] Research on the "SMS interception trojan" black-market industry chain and attribution forensics
- 2015.07 [hackingarticles] Forensics Investigation of RAW Images using Belkasoft Evidence Center
- 2015.07 [hackingarticles] How to Clone Drive for Forensics Purpose
- 2015.06 [hackingarticles] Best of Computer Forensics Tutorials
- 2015.06 [hackingarticles] Forensics Investigation of Deleted Files in a Drive
- 2015.06 [hackingarticles] Comparison of two Files for forensics investigation by Compare IT
- 2015.06 [hackingarticles] Live Forensics Case Investigation using Autopsy
- 2015.06 [hackingarticles] How to Install Digital Forensics Framework in System
- 2015.06 [hackingarticles] Forensics Investigation of Facebook, Skype, and Browsers in RAW Image using IEF (Internet Evidence Finder)
- 2015.06 [hackingarticles] How to Create Drive Image for Forensic Purpose using Forensic Replicator
- 2015.06 [hackingarticles] Outlook Forensics Investigation using E-Mail Examiner
- 2015.06 [hackingarticles] How to Preserve Forensics Image file Timestamp
- 2015.05 [hackingarticles] Forensics Investigation of Evidence RAW Image using OS Forensics Tool
- 2015.05 [hackingarticles] How to Create and Convert RAW Image in Encase and AFF Format using Forensics Imager
- 2015.05 [hackingarticles] How to Mount Forensics image as a Drive using P2 eXplorer Pro
- 2015.05 [hackingarticles] How to gather Forensics Investigation Evidence using ProDiscover Basic
- 2015.05 [hackingarticles] How to study Forensics Evidence of PC using P2 Commander (Part 2)
- 2015.05 [hackingarticles] How to Collect Forensics Evidence of PC using P2 Commander (Part 1)
- 2015.05 [hackingarticles] How to Create Forensics Image of PC using R-Drive Image
- 2015.04 [hackingarticles] Forensic Investigation of victim pc using Autopsy
- 2015.04 [hackingarticles] Forensic Investigation of any Twitter account
- 2015.04 [hackingarticles] How to perform Forensic Investigation on user Linkedin Account
- 2015.04 [hackingarticles] How to Perform Forensic Investigation on YouTube
- 2015.04 [hackingarticles] Forensic Investigation of any FaceBook Profile
- 2015.04 [sans] Memory Forensics Of Network Devices
- 2015.03 [hackingarticles] How to find the usage of files in Remote victim PC (Remote PC Forensics)
- 2015.03 Web log forensic analysis tools
- 2015.02 Digital forensics example: disk-based data forensics
- 2015.02 [n0where] Forensic Data Extraction: Bulk Extractor
- 2015.02 From a forensic investigation to counter-penetration
- 2015.02 [sans] Another Network Forensic Tool for the Toolbox - Dshell
- 2015.02 [freebuf] Digital forensics example: filesystem-based disk data forensic analysis
- 2015.01 [n0where] Dshell – Network Forensic Analysis Framework
- 2015.01 [hackingarticles] How to Collect Email Evidence in Victim PC (Email Forensics)
- 2015.01 [hackingarticles] Forensics Analysis of Social Media Sites like Facebook, Twitter, LinkedIn
- 2014.11 [freebuf] Linux intrusion forensics: starting from an incident response case
- 2014.10 The cloud game: cloud security intrusion forensics and reflections
- 2014.10 [tencent] The cloud game: cloud security intrusion forensics and reflections
- 2014.10 [sec] An easily overlooked anti-APT product: the network forensics tool NFT
- 2014.08 [n0where] Digital Forensics Toolkit: DEFT
- 2014.08 [freebuf] FreeBuf open class recording: covert communications (FQ) and investigative forensics
- 2014.07 [freebuf] FreeBuf open class (live course): covert communications (FQ) and investigative forensics
- 2014.05 [freebuf] Digital forensics: Linux PCI analysis
- 2014.04 [hackingarticles] Hack MOBILedit Forensic 6.9 Registration (Easy Way)
- 2014.03 [freebuf] Entering the mysterious world of computer forensic analysis
- 2014.02 [hackingarticles] Forensics Investigation of Remote PC (Part 2)
- 2014.02 [hackingarticles] Forensics Investigation of Remote PC (Part 1)
- 2014.01 [freebuf] Cold boot attacks and other forensic techniques in penetration testing
- 2013.12 [pediy] [Original] xls file forensics
- 2013.11 [n0where] Network Takeover Forensic Analysis: FS-NyarL
- 2013.05 [sans] Call for Papers - 4th annual Forensics and Incident Response Summit EU
- 2013.05 [freebuf] Santoku: a mobile device forensics, malware analysis and security testing suite
- 2013.05 [n0where] Mobile Forensics: Santoku
- 2013.04 [freebuf] PALADIN: a GNU/Linux distribution for forensics
- 2013.01 [pediy] [Recommended] Open course on Android forensics and security testing
- 2012.10 [welivesecurity] PC Support Scams: a Forensic View
- 2012.10 [welivesecurity] Defeating anti-forensics in contemporary complex threats
- 2012.09 [freebuf] [Update] FileInfo V6.0, a GUI file information forensic analysis tool
- 2012.07 [freebuf] Bugtraq-I: a penetration testing and digital forensics system
- 2012.07 [freebuf] iPhone forensics (Part 1)
- 2012.06 [freebuf] Open source digital investigation/forensics tool: Sleuth Kit v4.0.0 Beta1
- 2012.05 [freebuf] SIFT digital forensics toolkit
- 2012.03 [hackingarticles] Antivirus Forensics Tools
- 2012.02 [hackingarticles] BFT (Browser Forensic Tool)
- 2012.01 [rapid7] Metasploit Updated: Forensics, SCADA, SSH Public Keys, and More
- 2012.01 [rapid7] Adventures in the Windows NT Registry: A step into the world of Forensics and Information Gathering
- 2011.11 [hackingarticles] How to View Windows system reboot Date and Time (Windows Forensics)
- 2011.09 [sans] Analyzing Mobile Device Malware - Honeynet Forensic Challenge 9 and Some Tools
- 2011.09 [hackingarticles] Find Last Connected USB on your system (USB Forensics)
- 2011.09 [hackingarticles] List of Computer Forensics Tools (Part 1)
- 2010.11 [trendmicro] STUXNET Scanner: A Forensic Tool
- 2010.09 [sans] Quick Forensic Challenge
- 2010.06 [sans] New Honeynet Project Forensic Challenge
- 2010.05 [sans] SANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
- 2010.05 [sans] 2010 Digital Forensics and Incident Response Summit
- 2010.04 [sans] Network and process forensics toolset
- 2010.01 [sans] Forensic challenges
- 2009.12 [sans] Anti-forensics, COFEE vs. DECAF
- 2009.08 [sans] Network Forensics Puzzle Contest
- 2009.08 [sans] Forensics: Mounting partitions from full-disk ‘dd’ images
- 2009.07 [riusksk] Monitoring and forensics techniques on the Windows platform
- 2009.07 [pediy] [Original] Forensics techniques on the Windows platform
- 2008.10 [sans] Day 19 - Eradication: Forensic Analysis Tools - What Happened?
Volatility
- 2019.11 [volatility] Results from the 2019 Volatility Contests are in!
- 2019.10 [volatility] Announcing the Volatility 3 Public Beta!
- 2019.10 [countuponsecurity] Notes on Linux Memory Analysis – LiME, Volatility and LKM’s
- 2019.10 [doyler] BofA Forensics and Volatility for the Win (DerbyCon 9)
- 2019.07 [cristivlad25] Practical Pentesting - How to do Memory Forensics with Volatility - AttackDefense Labs
- 2019.06 [infosecinstitute] Ransomware analysis with Volatility
- 2019.04 [andreafortuna] How to analyze a VMware memory image with Volatility
- 2019.03 [4hou] Volatility workflow in basic incident response
- 2019.01 [sans] Mac Memory Analysis with Volatility
- 2019.01 [sans] Android Mind Reading - Memory Acquisition and Analysis with LiME and Volatility
- 2019.01 [sans] Volatility Bot
- 2018.11 [volatility] Results from the 2018 Volatility Contests are in!
- 2018.08 [jpcert] Volatility Plugin for Detecting Cobalt Strike Beacon
- 2018.07 [aliyun] Analyzing intrusion traces with Volatility
- 2018.07 [andreafortuna] Digital forensics chronicles: image identification issues on large memory dump with Volatility
- 2018.07 [andreafortuna] Finding malware on memory dumps using Volatility and Yara rules
- 2018.05 [pentesttoolz] Linux Screenshot XWindows – Volatility Plugin To Extract X Screenshots From A Memory Dump
- 2018.05 [volatility] The 6th Annual Volatility Plugin Contest and the Inaugural Volatility Analysis Contest!
- 2018.05 [pentestingexperts] Memory Forensics Investigation using Volatility (Part 1)
- 2018.05 [cybertriage] Using Volatility in Cyber Triage to Analyze Memory
- 2018.04 [acolyer] Espresso: brewing Java for more non-volatility with non-volatile memory
- 2018.03 [broadanalysis] Guest Blog Post: njRat Analysis with Volatility
- 2018.03 [X13Cubed] Volatility Profiles and Windows 10
- 2018.01 [cydefe] Tools 101: Volatility Usage
- 2018.01 [hackingarticles] Memory Forensics Investigation using Volatility (Part 1)
- 2017.12 [360] How to attack full-disk-encrypted systems with QEMU and Volatility
- 2017.12 [diablohorn] attacking encrypted systems with qemu and volatility
- 2017.11 [pentestingexperts] Stuxnet’s Footprint in Memory with Volatility 2.0
- 2017.11 [volatility] Results from the (5th Annual) 2017 Volatility Plugin Contest are in!
- 2017.10 [sans] Using Yara rules with Volatility
- 2017.10 [4hou] 使用Volatility检测DoublePulsar
- 2017.08 [shelliscoming] DoublePulsar SMB implant detection from Volatility
- 2017.08 [nextplatform] The Ironic – And Fleeting – Volatility In NVM Storage
- 2017.05 [360] Digital forensics techniques: hands-on with the Volatility tool
- 2017.04 [volatility] The (5th Annual) 2017 Volatility Plugin Contest is Live!
- 2017.02 [ponderthebits] OSX (Mac) Memory Acquisition and Analysis Using OSXpmem and Volatility
- 2017.01 [freebuf] Windows memory forensics with Volatility (part 2): notes on kernel objects and kernel pools
- 2017.01 [freebuf] Windows memory forensics with Volatility (part 1): first impressions
- 2016.12 [volatility] The Release of Volatility 2.6
- 2016.12 [volatility] Results from the 2016 Volatility Plugin Contest are in!
- 2016.10 [sans] Volatility Bot: Automated Memory Analysis
- 2016.10 [tisiphone] Using Team Cymru’s MHR with Volatility
- 2016.10 [n0where] Automated Memory Analyzer For Malware Samples: VolatilityBot
- 2016.09 [volatility] Volatility Update: Core team is growing!
- 2016.09 [cysinfo] Detecting Malicious Processes Using Psinfo Volatility Plugin
- 2016.09 [cysinfo] Detecting Deceptive Process Hollowing Techniques Using HollowFind Volatility Plugin
- 2016.08 [linoxide] How to Setup Volatility Tool for Memory Analysis
- 2016.07 [cysinfo] Linux Memory Diff Analysis using Volatility
- 2016.06 [cysinfo] Hunting APT RAT 9002 In Memory Using Volatility Plugin
- 2016.05 [freebuf] Finding advanced malware with Volatility
- 2016.04 [virusbulletin] VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers
- 2016.04 [holisticinfosec] toolsmith #115: Volatility Acuity with VolUtility
- 2016.04 [volatility] Airbnb Donates $999 to the 2016 Volatility Plugin Contest!
- 2016.04 [volatility] The 2016 Volatility Plugin Contest is now live!
- 2016.02 [360] Capturing executed code (malicious PE/DLL/driver files) on Windows with Volatility or PE Capture
- 2016.02 [tribalchicken] Extracting FileVault 2 Keys with Volatility
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Overview
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 1: Mimikatz & lsass.exe Dump
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 2: Windows 7 Full Memory Dump & Get Hashes
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 3: WinDBG Mimikatz Extension
- 2016.02 [govolution] Windows Credentials and Memory Dumps – Part 4: Volatility & Mimikatz
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 6: VMWare Workstation
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 7: ESXi Server
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 8: ESXi Attacking Scenario – Volatility on ESXi
- 2016.02 [govolution] Memdumps, Volatility, Mimikatz, VMs – Part 9: Logging & Monitoring ESXi
- 2016.01 [sans] Some useful volatility plugins
- 2016.01 [metabrik] Malware analysis with VM instrumentation, WMI, winexe, Volatility and Metabrik
- 2015.11 [volatility] Guest Post: Martin Korman (VolatilityBot - An Automated Malicious Code Dumper)
- 2015.11 [tribalchicken] Extracting BitLocker keys with Volatility (PoC)
- 2015.11 [secist] Investigative forensics: using the Volatility framework
- 2015.11 [n0where] Volatile Memory Extraction: The Volatility Framework
- 2015.11 [volatility] PlugX: Memory Forensics Lifecycle with Volatility
- 2015.10 [volatility] Results from the 2015 Volatility Plugin Contest are in!
- 2015.10 [autopsy] The Volatility team talks proactive threat hunting with memory forensics (an OSDFCon presentation)
- 2015.10 [angelalonso] Android Memory Analysis (II) - Extracting the memory and analyzing with Volatility
- 2015.09 [airbuscybersecurity] Volatility plugin for PlugX updated
- 2015.08 [volatility] Volatility Updates Summer 2015
- 2015.07 [volatility] The 2015 Volatility Plugin contest is now live!
- 2015.07 [volatility] Volatility at Black Hat USA & DFRWS 2015!
- 2015.02 [kudelskisecurity] Volatility plugin for Dyre
- 2014.12 [sans] Some Memory Forensic with Forensic Suite (Volatility plugins)
- 2014.10 [volatility] Announcing the 2014 Volatility Plugin Contest Results!
- 2014.09 [volatility] The Volatility Foundation: Fighting for Open Source Forensics
- 2014.09 [volatility] Volatility 2.4 at Blackhat Arsenal - Defeating Truecrypt Disk Encryption
- 2014.09 [volatility] Facebook Donation Doubles the Volatility Plugin Contest Prizes
- 2014.09 [volatility] Heads Up! 2014 Volatility Plugin Contest Deadline Extended!
- 2014.08 [volatility] Volatility 2.4 at Blackhat Arsenal - Reverse Engineering Rootkits
- 2014.08 Forensic FOSS: 4n6k_volatility_installer.sh - Install Volatility For Linux Automatically
- 2014.08 [volatility] Volatility 2.4 at Blackhat Arsenal - Tracking Mac OS X User Activity
- 2014.08 [toolswatch] Volatility v2.4 – Art of Memory Forensics Released
- 2014.08 [volatility] New Volatility 2.4 Cheat Sheet with Linux, Mac, and RTFM
- 2014.08 [volatility] Presenting Volatility Foundation Volatility Framework 2.4
- 2014.07 [volatility] Volatility at Black Hat USA & DFRWS 2014
- 2014.05 [volatility] Volatility - Update All The Things
- 2014.04 [volatility] Volatility Memory Forensics and Malware Analysis Training in Australia!
- 2014.03 [reverse] Teaching Rex another TrustedBSD trick to hide from Volatility
- 2014.03 [mcafee] Timeline of Bitcoin Events Demonstrates Online Currency’s Volatility
- 2014.02 [freebuf] Finding malicious DLLs on a system with Volatility
- 2014.02 [freebuf] Using the Volatility memory forensics tool on Linux
- 2014.02 [volatility] Training by The Volatility Project Now Available In Three Continents!
- 2013.11 [holisticinfosec] Volatility 2.3 and FireEye’s diskless, memory-only Trojan.APT.9002
- 2013.11 [toolswatch] Volatility The advanced memory forensics framework v2.3 available (Support of OSX)
- 2013.10 [volatility] Volatility 2.3 Released! (Official Mac OS X and Android Support)
- 2013.09 [volatility] Leveraging CybOX with Volatility
- 2013.08 [quequero] Quick Volatility overview and R.E. analysis of Win32.Chebri
- 2013.08 [volatility] Results are in for the 1st Annual Volatility Framework Plugin Contest!
- 2013.06 [sans] Volatility rules…any questions?
- 2013.06 [volatility] MOVP II - 4.5 - Mac Volatility vs the Rubilyn Kernel Rootkit
- 2013.05 [volatility] Automated Volatility Plugin Generation with Dalvik Inspector
- 2013.05 [securityintelligence] Zeus Analysis – Memory Forensics via Volatility
- 2013.05 [volatility] MoVP II - 2.3 - Creating Timelines with Volatility
- 2013.05 [volatility] MOVP II - 1.5 - ARM Address Space (Volatility and Android / Mobile)
- 2013.05 [volatility] What’s Happening in the World of Volatility?
- 2013.04 [cyberarms] Volatility Memory Analysis Article Featured in eForensics Magazine
- 2013.03 [volatility] Official Training by Volatility - Reston/VA, June 2013
- 2013.01 [theevilbit] Backtrack Forensics: Memory analysis with volatility
- 2013.01 [volatility] The 1st Annual Volatility Framework Plugin Contest
- 2013.01 [hackingarticles] Volatility – An advanced memory forensics framework
- 2012.12 [volatility] What do Upclicker, Poison Ivy, Cuckoo, and Volatility Have in Common?
- 2012.12 [securityartwork] New MFTParser plugin in the alpha version of Volatility
- 2012.11 [volatility] Windows Memory Forensics Training for Analysts by Volatility Developers
- 2012.10 [volatility] OMFW 2012: Analyzing Linux Kernel Rootkits with Volatility
- 2012.10 [volatility] MoVP for Volatility 2.2 and OMFW 2012 Wrap-Up
- 2012.10 [volatility] Solving the GrrCon Network Forensics Challenge with Volatility
- 2012.10 [volatility] Phalanx 2 Revealed: Using Volatility to Analyze an Advanced Linux Rootkit
- 2012.09 [volatility] MoVP 3.5: Analyzing the 2008 DFRWS Challenge with Volatility
- 2012.09 [volatility] MoVP 2.5: Investigating In-Memory Network Data with Volatility
- 2012.09 [sans] Volatility: 2.2 is Coming Soon
- 2012.09 [volatility] Month of Volatility Plugins (MoVP)
- 2012.08 [sans] Digital Forensics Case Leads: Identifying TrueCrypt volumes with Volatility, Malware that can sneak into VM’s and more…
- 2012.08 [sans] Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere
- 2012.07 [sans] Digital Forensics Case Leads: Skype acting weird, Microsoft backdooring Skype! Volatility with x64 support… Facebook censoring chats for criminal activities!? A Russian hacker challenges Apple by bypassing the App Store authentication mechanism and gets apps for free!!! All that and more, this week on Case Leads…
- 2012.04 [hiddenillusion] YARA + Volatility … the beginning
- 2012.03 [hiddenillusion] Making Volatility work for you
- 2011.10 [quequero] Shylock via volatility
- 2011.09 [holisticinfosec] toolsmith: Memory Analysis with DumpIt and Volatility
- 2011.08 [sans] Digital Forensics Case Leads: SIFT 2.1, Volatility 2.0
- 2011.02 [toolswatch] Volatility The advanced memory forensics framework v1.4 released
- 2011.01 [sans] A Quick Look at Volatility 1.4 RC1 - What’s New?
- 2010.05 [holisticinfosec] Memory forensics with SIFT 2.0, Volatility, and PTK
- 2010.02 [sans] Digital Forensics Case Leads: Volatility and RegRipper, Better Together
- 2009.07 [sans] New Volatility plugins
- 2009.05 [sans] More new volatility plugins
- 2009.04 [windowsir] New Volatility Plugins
- 2009.03 [moyix] Using Volatility for Introspection
- 2009.03 [moyix] RegRipper and Volatility Prototype
- 2008.08 [windowsir] Volatility 1.3 is out!
- 2008.08 [moyix] Volatility 1.3 is out!
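Many of the Volatility write-ups above (the rootkit, process hollowing, Psinfo and "hidden process" posts) rely on the same cross-view check: compare the process list walked from the kernel's linked list (`pslist`) against the `EPROCESS` structures carved from physical memory (`psscan`). A process present only in `psscan` is either terminated (it has an exit time) or unlinked from the list, which is what DKOM-style rootkits do. The script below is an added example, not code from this list or from the Volatility project; it parses the text output of the Volatility 2 `pslist`/`psscan` plugins (column layout as printed by `vol.py`), and the two tables embedded in it are constructed sample output, not a real memory image. The lookalike-name check against a short, assumed list of core Windows binaries is a second, independent heuristic.

```python
"""Cross-view process detection from Volatility 2 `pslist` / `psscan` output.

Assumed workflow (not from the page):
    vol.py -f mem.raw --profile=Win7SP1x64 pslist > pslist.txt
    vol.py -f mem.raw --profile=Win7SP1x64 psscan > psscan.txt
The two strings below stand in for those files and are constructed samples.
"""
import re
from dataclasses import dataclass

PSLIST_OUTPUT = """\
Offset(V)          Name                    PID   PPID   Thds     Hnds   Sess  Wow64 Start                          Exit
------------------ -------------------- ------ ------ ------ -------- ------ ------ ------------------------------ ------------------------------
0xfffffa8000c9a040 System                    4      0     80      456 ------      0 2019-11-03 09:12:01 UTC+0000
0xfffffa8001c33b30 csrss.exe               340    332      9      417      0      0 2019-11-03 09:12:03 UTC+0000
0xfffffa8001f6e060 explorer.exe           1204   1180     32      900      1      0 2019-11-03 09:12:40 UTC+0000
"""

PSSCAN_OUTPUT = """\
Offset(P)          Name                PID   PPID PDB                Time created                   Time exited
------------------ ---------------- ------ ------ ------------------ ------------------------------ ------------------------------
0x000000003fa9a040 System                4      0 0x0000000000187000 2019-11-03 09:12:01 UTC+0000
0x000000003e833b30 csrss.exe           340    332 0x000000003e8b2000 2019-11-03 09:12:03 UTC+0000
0x000000003ec6e060 explorer.exe       1204   1180 0x000000003ecf8000 2019-11-03 09:12:40 UTC+0000
0x000000003d1f4060 notepad.exe        2712   1204 0x000000003d2a1000 2019-11-03 09:40:12 UTC+0000 2019-11-03 09:41:02 UTC+0000
0x000000003d0b5b30 svch0st.exe        3088    340 0x000000003d1c0000 2019-11-03 09:45:55 UTC+0000
"""

# Volatility 2 prints timestamps as "YYYY-MM-DD HH:MM:SS UTC+0000".
TIMESTAMP = re.compile(r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} UTC[+-]\d{4}")

# Assumed list of core Windows binaries that malware likes to imitate.
KNOWN_SYSTEM_NAMES = ("svchost.exe", "lsass.exe", "csrss.exe", "smss.exe",
                      "services.exe", "winlogon.exe", "explorer.exe")


@dataclass(frozen=True)
class Proc:
    offset: str
    name: str
    pid: int
    ppid: int
    exited: bool   # a second timestamp on the row is the exit time


def parse_table(text):
    """Parse pslist/psscan text into {pid: Proc}. Names with spaces are not expected."""
    procs = {}
    for line in text.splitlines():
        fields = line.split()
        # Header and separator rows do not start with an 0x offset.
        if len(fields) < 4 or not fields[0].startswith("0x"):
            continue
        pid, ppid = int(fields[2]), int(fields[3])
        procs[pid] = Proc(fields[0], fields[1], pid, ppid,
                          exited=len(TIMESTAMP.findall(line)) == 2)
    return procs


def cross_view(pslist, psscan):
    """Explain every PID on which the two views disagree."""
    findings = {}
    for pid, p in psscan.items():
        if pid in pslist:
            continue
        # Carved but not linked: a normal exit leaves an exit time, DKOM does not.
        findings[pid] = "terminated" if p.exited else "hidden (not in EPROCESS list)"
    for pid in pslist.keys() - psscan.keys():
        findings[pid] = "in pslist only (psscan miss / overwritten)"
    return findings


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character lookalike names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalikes(procs):
    """Return {pid: (seen_name, imitated_name)} for names one edit away from a system binary."""
    hits = {}
    for p in procs.values():
        name = p.name.lower()
        if name in KNOWN_SYSTEM_NAMES:
            continue
        for known in KNOWN_SYSTEM_NAMES:
            if edit_distance(name, known) == 1:
                hits[p.pid] = (p.name, known)
    return hits


if __name__ == "__main__":
    pslist, psscan = parse_table(PSLIST_OUTPUT), parse_table(PSSCAN_OUTPUT)
    for pid, verdict in sorted(cross_view(pslist, psscan).items()):
        print(f"PID {pid:5d} {psscan.get(pid, pslist.get(pid)).name:<16} {verdict}")
    for pid, (seen, known) in lookalikes(psscan).items():
        print(f"PID {pid:5d} {seen!r} looks like {known!r}")
```

On the constructed input, PID 2712 is reported as terminated (it carries an exit time) while PID 3088 is flagged both as hidden and as a lookalike of `svchost.exe`. Against a real image, feed it the saved plugin output; `psxview` in Volatility 2 performs the same cross-view comparison over more sources (thread lists, session handles, the CSRSS handle table), so treat this as the minimal form of that check rather than a replacement.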
Sleuthkit
- 2018.10 [insinuator] Comparison of our tool afro (APFS file recovery) with Blackbag Blacklight and Sleuthkit
- 2011.10 [sans] Digital Forensics Case Leads: Passwords in Wills, Google Chrome a Virus, Cybercrime Unit Saving Money and Updates for Sleuthkit and SSDeep.
- 2011.09 [sans] Shadow Timelines And Other VolumeShadowCopy Digital Forensics Techniques with the Sleuthkit on Windows
- 2005.10 [windowsir] Sleuthkit on Windows
Rekall
- 2019.01 [4hou] Live memory analysis with Rekall
- 2019.01 [sans] Rekall Memory Forensics
- 2018.12 [ironcastle] Live memory analysis using Rekall, (Tue, Dec 25th)
- 2018.12 [sans] Live memory analysis using Rekall
- 2018.01 [rekall] ELF hacking with Rekall
- 2017.08 [rekall] Rekall Agent Alpha launch
- 2017.07 [insinuator] Release of Glibc Heap Analysis Plugins for Rekall
- 2016.10 [rekall] The Rekall Agent Whitepaper
- 2015.11 [toolswatch] Rekall The Memory Forensic Framework
- 2015.10 [holisticinfosec] toolsmith #109: CapLoader network carving from Rekall WinPmem Memory Image
- 2015.05 [holisticinfosec] toolsmith: Attack & Detection: Hunting in-memory adversaries with Rekall and WinPmem
- 2015.02 [n0where] Rekall Memory Forensic Framework
- 2014.03 [sans] Linux Memory Dump with Rekall
Source: peerlyst