Windows Processes Analysis
People, how are you? Here is an excellent document (written by Jason Fossen from SANS) about Windows Processes analysis using the Process Hacker tool. Amazing!...
EXT3 File Recovery
Hello people, what have you been doing? Here is an interesting document about Ext3 File Recovery written by Hal Pomeranz (Mandiant) https://www.mandiant.com/blog/ext3-file-recovery-indirect-blocks/...
Windows Command Line Interface (reposting)
A couple of months ago I published two articles about Windows command line interface. However, I’ve realized that most people don’t remember these commands in a daily forensic analysis, and then I’ve...
Finding modified, accessed and created files with macmatch.exe
People, good morning. How are you? Do you know how to discover what files changed between two defined dates? Use the macmatch.exe tool:...
Forensics: mounting a partition from a raw image by using Kali Linux
Dear readers, how are you? Here is a very short document about how to mount a partition from a raw image by using Kali Linux:...
Device profiling and Firefox anonymity
Dear readers, how are you? Two interesting articles for your reading follow below. The first one comes from SANS (by Chad Tilbury) and it explains Device Profiling. The second one is about...
Lecture about Malware and Memory Analysis at UNASP-EC
Dear reader, what have you been doing? Yesterday I taught a lecture about Malware and Memory Analysis at UNASP-EC University. A few photos follow: I keep my work trying to bring real, practical and...
Lecture about Malware Analysis at Unimonte university
Dear readers, good day. Last OCT/25 I taught a lecture about Malware Analysis at Unimonte university. As usual, all students (and teachers!) were very interested in learning this fascinating world from IT...