BlackSuit Ransomware Detection and Mitigation: Leveraging Microsoft Sentinel Analytics
Mehrnoush, Sep 3
In today’s rapidly evolving cybersecurity landscape, organizations face an ever-growing array of threats that require timely and effective…

Navigating the /sys Directory: A Linux Forensic Investigator’s Guide
Mehrnoush, Aug 19
The /sys directory in Linux is not just a pseudo-filesystem; it serves as a crucial interface between the kernel and user space, offering a…

Leveraging the /proc Filesystem for Linux Live Forensics: A Comprehensive Guide
Mehrnoush, Aug 19
The /proc filesystem in Linux is an essential artifact for forensic analysts. As a virtual filesystem, it provides an interface to the…

Master CORS Security: Develop Your Code to Detect Misconfigurations
Mehrnoush, May 25
Cross-Origin Resource Sharing (CORS) is a mechanism that allows a web server to specify who can access its resources and how those…

Understanding Shellcode Injection in a Local Process
Mehrnoush, Apr 27
When it comes to the field of cybersecurity, having a solid grasp of the different methods of shellcode injection is crucial for both…

Behind the Scenes of Problem-Solving: A Case Study Digital Forensic Investigation
Mehrnoush, Mar 22
Welcome to the digital forensics field, where every case is a challenging puzzle waiting to be solved. This post will take you on a…

Create Custom Content Image - Windows 10 Artifacts
Mehrnoush, Feb 17, 2023
Sometimes you need to have artifacts but you haven’t enough storage or time to capture a full image of the system. So you should gather the…

Prefetch Forensic Analysis
Mehrnoush, Feb 14, 2023
Prefetch is a Windows feature that records information about which applications are frequently accessed on a system, as well as the time…

ShimCache & AmCache Forensic Analysis
Mehrnoush, Feb 14, 2023
ShimCache and AmCache are Windows artifacts that contain information about recently executed applications. They can be analyzed to…