Clik here to view.
Windows Processes Analysis
People, how are you ? It follows an excellent document (written by Jason Fossen from SANS) about Windows Processes analysis using Process Hacker tool. Amazing!...
View ArticleClik here to view.
EXT3 File Recovery
Hello people, what have you been doing ? It follows an interesting document about Ext3 File Recovery written by Hal Pomeranz (Mandiant) https://www.mandiant.com/blog/ext3-file-recovery-indirect-blocks/...
View ArticleClik here to view.
Windows Command Line Interface (reposting)
A couple of months ago I published two articles about Windows command line interface. However, I’ve realized that most people don’t remember these commands in a daily forensic analysis, and then I’ve...
View ArticleClik here to view.
Finding modified, accessed and created files with macmatch.exe
People, good morning. How are you? Do you know how to discover what files changed between two defined dates ? Use macmatch.exe tool:...
View ArticleClik here to view.
Forensics: mounting a partition from a raw image by using Kali Linux
Dear readers, how are you? It follows a very short document about how to mount a partition from a raw image by using Kali Linux:...
View ArticleClik here to view.
Device profiling and Firefox anonymity
Dear readers, how are you? Two interesting articles for your reading follow below. The first one comes from SANS (by Chad Tilbury) and it explains about Device Profiling. The second one is about...
View ArticleClik here to view.
Lecture about Malware and Memory Analysis at UNASP-EC
Dear reader, what have you been doing? Yesterday I taught a lecture about Malware and Memory Analysis at UNASP-EC University. Few photos follow: I keep my work trying to bring real, practical and...
View ArticleClik here to view.
Lecture about Malware Analysis at Unimonte university
Dear readers, good day. Last OCT/25 I taught a lecture about Malware Analysis at Unimonte university. As usual, all students (and teachers!) very interested in learning this fascinating world from IT...
View Article
