arzuyorusec.hashnode.dev·Oct 29, 2024Introduction to Forensics and Incident Response - Cyberexam Lab Writeuphttps://learn.cyberexam.io/cyber-academy/digital-forensics/introduction-to-forensics-and-incident-response/quiz-for-lab Mission Statement Identify the suspicious activity in Linux systems. Connect with ssh on port 22. Run the commands; chmod 400 key...Discusscyberexam
arzuyorusec.hashnode.dev·Sep 26, 2024Someone Phished Me! - Cyberexam Lab WriteupLab bağlantı adresi: https://learn.cyberexam.io/challenges/blue-team/incident-response/someone-phished-me Görev Tanımı Oliver kullandığı Windows makinesinde, banka hesabının çalındığını farkediyor. Yetkililer ile görüşüyor ve makinesi izole ediliyor...Discuss·1 like·150 readscyberexam
arzuyorusec.hashnode.dev·Sep 16, 2024Compromised Machine Analysis - Cyberexam Lab WriteupLab bağlantı adresi: https://learn.cyberexam.io/challenges/blue-team/incident-response/compromised-machine-analysis Görev Tanımı Marry Windows bir bilgisayar kullanıyor. Bir süre sonra lisansı sona eriyor ve internetten ücretsiz güncelleyebileceği l...Discuss·159 readscyberexam
Jonathan Gonzalezgodslittlemacro.hashnode.dev·Jul 10, 2023Fools Gold: The Hidden Cost of "Cracked" Software (Part 1)NOTE: This content was derived from my presentation @ the 2022 Texas Cyber Summit, with a few additions from the current threat landscape. Opening Pandora's Box It is a tale as old as time. The youngster wishes to download music or a game on the fami...Discuss·78 readsinfosec
Matthew Turnermatteturner.hashnode.dev·Feb 23, 2023Compiling AFF4-CPP-Lite for Ubuntu 22.0.4What is AFF4 The Advanced Forensics File format 4 was originally designed and published in “Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow” M.I. Cohen, Simson...Discuss·122 readsdigitalforensics
Ewaldo Simon Hirasaldosimon.com·Aug 17, 2022Powershell base64 payloadI was doing some 'weird jobs', and needed to know what really is happening with this powershell base64 payload. The payload itself is nothing typically new, but I think I'll post it here incase someone needed it, since it was pretty hard trying these...Discuss·42 readsDFIR
Ewaldo Simon Hirasaldosimon.com·Aug 6, 2022DFIR toolseven with the awesome list all over github, I kept losing tracks of cool tools, so here are some of them: (last update 11.09.2022) in the spirit of keep updating the resources, I'm moving this post to aldosimon/infosec-compendium event log parser cha...DiscussDFIR
Ewaldo Simon Hirasaldosimon.com·Apr 16, 2022Windows core processesDalam sebuah kegiatan incident response, adakalanya kita perlu mengetahui karakteristik proses yang sedang berjalan, sehingga dapat memutuskan apakah proses tersebut malicious atau tidak. Berikut beberapa proses inti windows (Windows core processes),...DiscussDFIR
Ewaldo Simon Hirasaldosimon.com·Jan 10, 2022Various command for quick IRSaya sedang mengerjakan sebuah investigation challenge di tryhackme.com, dan ada Beberapa command line yang menurut saya cukup menarik untuk di dokumentasikan, serta dapat dipakai sebagai sarana IR kilat di bagian awal asesmen. command line yang sa...DiscussDFIR
Ewaldo Simon Hirasaldosimon.com·Dec 23, 2021Nginx log terkait log4j/ log4shellintro log4j/ log4shell adalah sebuah vuln yang cukup menghebohkan di akhir tahun ini, hal ini karena aplikasi logging ini cukup banyak di pakai di software OSS, serta vuln. nya yang cukup parah. log4j memiliki kelemahan yang membuat attacker bisa men...Discussdetection engineering
