File System Analysis

10 bookmarks
Using Alternate Data Streams to Persist on a Compromised Machine
Back in the days before Windows Vista, Alternate Data Streams used to be an acceptable way for malware authors to hide their malicious code. An Alternate Data Stream can be used to hide the presenc…
·enigma0x3.net·
File Signatures
Free file signature page since 2002!
·garykessler.net·
File System Forensic Analysis
The Definitive Guide to File System Analysis: Key Concepts and Hands-on Techniques Most digital evidence is stored within the computer's file system, but understanding how file systems work is one … - Selection from File System Forensic Analysis [Book]
·oreilly.com·
Change log
Eric Zimmerman Tools Changelog
·f001.backblazeb2.com·
NotPetya fsutil clear journal
Although initially labeled as ransomware due to the ransom message that is displayed after infection, it appears now that NotPetya functions more as a destructive wiper-like tool than actual ransomware
·logrhythm.com·
Using Alternate Data Streams to Persist on a Compromised Machine | enigma0x3
Back in the days before Windows Vista, Alternate Data Streams used to be an acceptable way for malware authors to hide their malicious code. An Alternate Data Stream can be used to hide the presenc…
·enigma0x3.net·