Outer Web | Explore

Explore >> Select a destination

You are here		ogmini.github.io BelkaCTF 6 - Bogus Bill Tasks 1-5 \| ogmini - Exploration of DFIR
\|	\|	adsecurity.org » The Ultimate Movie Hacking Tool - Command Shell at Windows Logon Screen (via "StickyKeys") » Active Directory Security	5.0 parsecs away Travel
\|	\|	[AI summary] The article explains a method to bypass Windows logon security by replacing the Ease of Access Sticky Keys executable with a command prompt to gain system-level access.	5.0 parsecs away Travel
\|	\|	www.khyrenz.com Updated again! Automated USB artefact parsing from the Registry and Event Log	4.7 parsecs away Travel
\|	\|	Let me start by saying that, yes: many tools already exist to parse information out of the Windows Registry and/or the Event Log. However, while I was conducting my own tool validation processes (see https://github.com/khyrenz/tool_validation), I realised that very few tools parse this information out and automatically populate the kind of table that I would be adding into my forensic report.So... I did a bit of R&D, and I present to you a Python script that does just that; creatively named pars	4.7 parsecs away Travel
\|	\|	thinkdfir.com I can see and hear you seeing and hearing me! - ThinkDFIR	4.3 parsecs away Travel
\|	\|	In preparation for an upcoming FOR500 class I thought I would test out one of the recent additions to the class. This post by my colleague Zach shows that Win10 1903 and later has a registry key that will store the full path of any executable that utilises the computers camera or microphone. Zach shows...	4.3 parsecs away Travel
\|	\|	gnn.vircom.in Writable File in Lenovo's Windows Directory Enables a Stealthy AppLocker Bypass - GNN	29.8 parsecs away Travel
\|		[AI summary] A critical security vulnerability in Lenovo's preloaded Windows systems allows attackers to bypass AppLocker through a writable MFGSTAT.zip file using Alternate Data Streams.	29.8 parsecs away Travel