Don’t Deny It! When you were a child, did you ever do something that you shouldn’t have, and when caught and subsequently questioned by your parents as to whether you just did something which is blaringly obvious, did you deny…
Depending on your level of paranoia, security awareness or interest this may or may not be relevant. With the release of the Snowden files a few years back however, the Cyber Security community gained access to untold knowledge and confirmation…
Things are different in the world of techs compared to the world of Executives. We have more time, more interest in a level of detail,more desire to chew the fat over a topic. Executives don’t have this luxury. In fact…
Jumping straight back in with no news of what’s been happening, apart from a new job, and me generally forgetting about this altogether. If you want a simple way to get timelining with log2timeline & plaso, running it on Ubuntu…
So I’ve got to be quick while writing this, as I’m about to go back home after a week of training. I’ve been feeling the guilt for some time, knowing that I entirely missed posting in April and it was…
When I had been given the better part of 8gb of logs recently and was playing with a trial licence of splunk, I was in between a rock and a hard place. I had a string to search for, but…
After days of going through pages of doco, running tests on terabytes of files, I finally made it all work. log2timeline.py myhost.plaso sourceimage.vmdk #myhost.plaso is going to be the output body file for psort. This creates the metadata and…
FTK Imager is a free tool from Access Data that has a few key functions: 1.Capture live memory and dump to a .mem file (to be used with volatility/rekall etc later) 2.Create a custom content image from the file system.…
Ok, so we need to mount a raw image to be able to extract some files from it. Prior to doing this, we need to do a few things. Run the file command, to identify how many partitions are within…
One of the main challenges when using new tools is knowing what the output is going to look like once you’re done. Does it present itself in a visually appealing way, does it contain what you need, etc. As part…