GIAC Certified Forensic Analyst | Digital Forensics Certification
Book 5
GIAC CyberLive Hands-On Certifications
Better GIAC Testing with Pancakes – Lesley Carhart's Cybersecurity Blog
Iir vol37 focused1 en
Filter windows
GitHub - jschicht/SetMace: Manipulate timestamps on NTFS
Manipulate timestamps on NTFS. Contribute to jschicht/SetMace development by creating an account on GitHub.
Change log
Eric Zimmerman Tools Changelog
File System Forensic Analysis
The Definitive Guide to File System Analysis: Key Concepts and Hands-on Techniques. Most digital evidence is stored within the computer's file system, but understanding how file systems work is one … - Selection from File System Forensic Analysis [Book]
File Signatures
Free file signature page since 2002!
Using Alternate Data Streams to Persist on a Compromised Machine
Back in the days before Windows Vista, Alternate Data Streams used to be an acceptable way for malware authors to hide their malicious code. An Alternate Data Stream can be used to hide the presenc…
GitHub - jschicht/LogFileParser: Parser for $LogFile on NTFS
Parser for $LogFile on NTFS. Contribute to jschicht/LogFileParser development by creating an account on GitHub.
NotPetya fsutil clear journal
Although initially labeled as ransomware due to the ransom message that is displayed after infection, it appears now that NotPetya functions more as a destructive wiper-like tool than actual ransomware.
Execute from Alternate Streams · GitHub
Using Alternate Data Streams to Persist on a Compromised Machine | enigma0x3
Back in the days before Windows Vista, Alternate Data Streams used to be an acceptable way for malware authors to hide their malicious code. An Alternate Data Stream can be used to hide the presenc…
Invoke-AltDSBackdoor/Invoke-ADSBackdoor.ps1 at master · enigma0x3/Invoke-AltDSBackdoor · GitHub
Contribute to enigma0x3/Invoke-AltDSBackdoor development by creating an account on GitHub.