
Search Results
307 results found for "forensic"
- NetFlow: Something I Seriously Underestimated (Until I Didn’t)
Sampled NetFlow tracks every n packets Sampled NetFlow: under-represents data volume is not suitable for forensic
- Final Phase of a Ransomware Attack: Impact and Recovery Challenges
From a forensic perspective, the Overwrite/Rename method might leave evidence in the $UsnJrnl or $LogFile
- Tracking Lateral Movement: PowerShell Remoting, WMIC, Explicit Credentials, NTLM Relay Attacks, Credential Theft and Reuse (Event IDs)
Memory forensics for hidden or injected processes.
- Master Wireshark tool Like a Pro: – The Ultimate Packet Analysis Guide for Real-World Analysts
So, if you’re diving into packet analysis or network forensics, you will spend a LOT of time inside Wireshark
- Azure Architecture: First 15 Commands to Run the Moment You Get Access
Next Article https://www.cyberengage.org/post/part-3-getting-into-azure-four-access-methods-and-the-forensic-artifacts-each-one-leaves-behind
- Azure(Tenant Logs) : A Guide for IR
However, the Azure portal limits logs to the last 30 days, making it unsuitable for long-term forensic
- Fileless Malware || LOLBAS || LOLBAS Hunting Using Prefetch, Event Logs, and Sysmon
attacks often exists in various forms across the disk and system memory, making it crucial for Digital Forensics






