you sneakymonkey!

forensics

A collection of 4 posts

grrcon

GrrCon 2017 DFIR write up - Level 1

#GrrCon 2017 #DFIR #CTF challenge. Several host images and memory dumps need to be analysed and investigated. Submit IOCs as you progress...

Mark
blueteam

Blue Team Basics - PCAP File Extraction

A few methods of carving data out of PCAPs, whether for a one-off analysis of some network traffic or as part of a malware analysis lab. Using Wireshark Ideal for investigating

Mark
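The post above lists ways of carving files out of a capture. As an added example (not code from the post), here is a minimal carver in Python that does the job without Wireshark: it walks a libpcap file, reassembles the TCP payload of each unidirectional flow by sequence number, and then cuts files out of the stream by start and end signature. It assumes a classic little-endian libpcap file carrying Ethernet/IPv4/TCP frames without IP options; the PCAP at the bottom is constructed in-line (an HTTP response carrying a tiny PDF, split over two segments captured out of order) so the script runs offline.

```python
"""Carve a file out of a PCAP: TCP reassembly plus magic-byte matching.

Added example, not code from the original post. Assumes a little-endian
libpcap file (magic 0xa1b2c3d4) of Ethernet/IPv4/TCP frames with no IP
options. The sample capture at the bottom is constructed, not real traffic.
"""
import struct
from collections import defaultdict

PCAP_MAGIC = 0xA1B2C3D4
ETH_IPV4 = 0x0800
IP_PROTO_TCP = 6

# File signatures to carve: (start marker, end marker)
SIGNATURES = {
    "pdf": (b"%PDF-", b"%%EOF"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}


def iter_packets(pcap):
    """Yield the raw frame bytes of every record in a little-endian libpcap file."""
    (magic,) = struct.unpack("<I", pcap[:4])
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian libpcap file")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(pcap):
        _sec, _usec, incl_len, _orig_len = struct.unpack("<IIII", pcap[off:off + 16])
        off += 16
        yield pcap[off:off + incl_len]
        off += incl_len


def tcp_payload(frame):
    """Return (flow_key, seq, payload) for an Ethernet/IPv4/TCP frame, else None."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != ETH_IPV4:
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]   # trims Ethernet padding
    if ip[9] != IP_PROTO_TCP:
        return None
    src, dst = ip[12:16], ip[16:20]
    tcp = ip[ihl:total_len]
    sport, dport, seq = struct.unpack("!HHI", tcp[:8])
    data_off = (tcp[12] >> 4) * 4                 # TCP header length in bytes
    return (src, sport, dst, dport), seq, tcp[data_off:]


def reassemble_flows(pcap):
    """Concatenate TCP payloads per unidirectional flow, ordered by sequence number."""
    flows = defaultdict(list)
    for frame in iter_packets(pcap):
        parsed = tcp_payload(frame)
        if parsed and parsed[2]:
            key, seq, data = parsed
            flows[key].append((seq, data))
    return {key: b"".join(d for _, d in sorted(segs)) for key, segs in flows.items()}


def carve(stream, kind):
    """Return every file of the given kind found in a reassembled byte stream."""
    start_marker, end_marker = SIGNATURES[kind]
    found, pos = [], 0
    while True:
        start = stream.find(start_marker, pos)
        if start < 0:
            break
        end = stream.find(end_marker, start)
        if end < 0:
            break  # header seen but no trailer: truncated capture
        end += len(end_marker)
        found.append(stream[start:end])
        pos = end
    return found


def carve_pcap(pcap, kind="pdf"):
    """Carve all files of one kind out of every TCP flow in the capture."""
    return [f for stream in reassemble_flows(pcap).values() for f in carve(stream, kind)]


# --- constructed sample capture: one HTTP response carrying a tiny PDF,
# split over two segments that appear out of order in the file ---
def _frame(seq, payload, src=b"\x0a\x00\x00\x02", dst=b"\x0a\x00\x00\x01"):
    tcp = struct.pack("!HHIIBBHHH", 80, 40000, seq, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, IP_PROTO_TCP, 0, src, dst) + tcp
    frame = b"\xaa" * 6 + b"\xbb" * 6 + struct.pack("!H", ETH_IPV4) + ip
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame


SAMPLE_PDF = b"%PDF-1.4\n1 0 obj<</Type/Catalog>>endobj\ntrailer<</Root 1 0 R>>\n%%EOF"
_http = b"HTTP/1.1 200 OK\r\nContent-Type: application/pdf\r\n\r\n" + SAMPLE_PDF
_first, _second = _http[:60], _http[60:]   # split lands inside the PDF body
SAMPLE_PCAP = (
    struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)  # global header, linktype 1 = Ethernet
    + _frame(1000 + len(_first), _second)                       # second segment captured first
    + _frame(1000, _first)
)

if __name__ == "__main__":
    for blob in carve_pcap(SAMPLE_PCAP, "pdf"):
        print(len(blob), "bytes, starts with", blob[:8])
```

Because the sample's two segments arrive out of order and the split falls inside the PDF, a naive grep over packet payloads would miss the file; sorting by sequence number first is what makes the carve succeed. Real captures also need retransmission and overlap handling, which this deliberately leaves out.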
ctf

GrrCon 2016 DFIR Write up - Part 3

Level 3, Question 16) What is the maldoc MD5 hash? Start by using filescan and searching for documents (.rtf, .doc, .docx, etc.)... [email protected]:~# python volatility/vol.py -f /mnt/hgfs/Shared/Part3/ecorpwin7-e73257c4.

Mark
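The excerpt above starts the maldoc hunt with filescan and a search for document extensions. As an added example (not code from the write-up), here is a small Python triage helper for that step: it picks document paths out of filescan output, builds the dumpfiles commands for each candidate, sniffs the magic bytes of a dumped file so a .doc that is really RTF (or vice versa) stands out, and hashes the result. The filescan rows below are constructed to match the column layout of Volatility 2's filescan plugin (offset, #Ptr, #Hnd, access, path); the offsets and paths are invented, and the dumpfiles flags (-Q physical offset, -D dump directory) are assumed from Volatility 2's CLI.

```python
"""Triage Volatility 2 filescan output for maldoc candidates and hash dumps.

Added example, not code from the original write-up. SAMPLE_FILESCAN is
constructed to look like Volatility 2 filescan output; nothing in it is real.
"""
import hashlib
import re

DOC_EXTENSIONS = (".rtf", ".doc", ".docx", ".docm", ".xls", ".xlsx", ".xlsm", ".ppt", ".pptx")

# One filescan row: physical offset, #Ptr, #Hnd, access flags, path (starts with a backslash)
FILESCAN_ROW = re.compile(
    r"^(?P<offset>0x[0-9a-fA-F]+)\s+(?P<ptr>\d+)\s+(?P<hnd>\d+)\s+(?P<access>\S+)\s+(?P<path>\\.*)$"
)

# Magic bytes of the container formats a maldoc usually arrives in
MAGIC = [
    (b"{\\rtf", "rtf"),                                    # Rich Text Format
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),          # legacy .doc/.xls/.ppt compound file
    (b"PK\x03\x04", "ooxml"),                              # .docx/.xlsx/.pptx (zip)
]


def parse_filescan(output):
    """Return (physical_offset, path) for every row whose path has a document extension."""
    hits = []
    for line in output.splitlines():
        m = FILESCAN_ROW.match(line.strip())
        if not m:
            continue  # banner, header, separator, or junk line
        path = m.group("path")
        if path.lower().endswith(DOC_EXTENSIONS):
            hits.append((int(m.group("offset"), 16), path))
    return hits


def dumpfiles_commands(image, profile, hits, outdir="dump"):
    """Build a Volatility 2 dumpfiles command per candidate (flags assumed: -Q offset, -D dir)."""
    return [
        f"vol.py -f {image} --profile={profile} dumpfiles -Q {offset:#x} -D {outdir}/"
        for offset, _path in hits
    ]


def sniff_doc_type(data):
    """Identify the real container type of a dumped file from its leading bytes."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return None


def md5_hex(data):
    """MD5 of a dumped file's bytes, as the CTF asks for."""
    return hashlib.md5(data).hexdigest()


# Constructed sample: Volatility 2 filescan column layout, invented offsets and paths
SAMPLE_FILESCAN = """\
Volatility Foundation Volatility Framework 2.6
Offset(P)            #Ptr   #Hnd Access Name
------------------ ------ ------ ------ ----
0x000000003e0d1f20      8      0 R--r-d \\Device\\HarddiskVolume1\\Windows\\System32\\kernel32.dll
0x000000003e2a4070      2      1 RW-rw- \\Device\\HarddiskVolume1\\Users\\bob\\Downloads\\invoice.doc
0x000000003e3b5c90      1      0 R--r-- \\Device\\HarddiskVolume1\\Users\\bob\\AppData\\Local\\Temp\\quote.RTF
0x000000003e4c6d10      3      1 RW---- \\Device\\HarddiskVolume1\\Users\\bob\\Documents\\notes.txt
"""

if __name__ == "__main__":
    hits = parse_filescan(SAMPLE_FILESCAN)
    for cmd in dumpfiles_commands("ecorpwin7.raw", "Win7SP1x64", hits):
        print(cmd)
    # Once a file is dumped, read it and do: sniff_doc_type(data), md5_hex(data)
```

Checking the magic bytes before trusting the extension matters here: an RTF renamed to .doc (a common lure) still opens in Word, and you want to know which parser to point at the dump before hashing and submitting it.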
forensics

GrrCon 2016 DFIR Write up - Part 1

CTF HOMEPAGE https://ir.e-corp.biz/home To start off, get Volatility or a prebuilt VM like the SANS SIFT Workstation; the challenge organisers recommend using the provided Security Onion image. Also, check out the community

Mark
you sneakymonkey! © 2021