dr3ad_0X1 | Exploring the Hive- Deep inside the Windows Registry. pt 2 | Windows Registry Forensics. | Feb 23, 2021
dr3ad_0X1 | Exploring the Hive — Deep Inside the Window Registry | Windows Registry Forensics | Nov 15, 2020
dr3ad_0X1 | Around Memory forensics in 80 days Part 6 — Total Rekall | As I said in previous posts, we will be looking at Rekall in depth. Rekall can be installed in Windows and, as said, we will be looking into… | Oct 22, 2020
dr3ad_0X1 | Around Memory Forensics in 80 Days Part 5— In certain conditions | Due to the evolving nature of DFIR, some response may be done entirely remotely. Also, if you are doing analysis on a server with let’s say a… | Sep 28, 2020
dr3ad_0X1 | Around Memory Forensics in 80 days Part 4— Anomaly and Hidden processes. | Well, we talked about Volatility ps scan and process genealogy in part 3, 2; have a glance at that before you proceed. | Jul 30, 2020
dr3ad_0X1 | Around Memory Forensics in 80 days Part 3 — Volatility process list | Volatility’s process listing plugin pslist lists all the processes which were running in the system. The process is sorted with the start… | Jul 21, 2020
dr3ad_0X1 | Around Memory Forensic in 80 days Part 2 -Volatility Introduction | Volatility is awesome for its own reasons; you may not get it quickly, but hold on. | Jul 19, 2020
dr3ad_0X1 | Around Memory Forensic in 80 days Part 1 | For some unknown reason I am addicted to memory forensics. Scurrying for tutorials notes, learning from people who offered to their notes… | Jul 18, 2020