Outer Web | Explore

Explore >> Select a destination

You are here		www.khyrenz.com Updated again! Automated USB artefact parsing from the Registry and Event Log
\|	\|	countuponsecurity.com Digital Forensics - ShimCache Artifacts \| Count Upon Security	13.0 parsecs away Travel
\|	\|	Following our last article about the Prefetch artifacts we will now move into the Windows Registry. When conducting incident response and digital forensics on Windows operating systems one of the sources of evidence that is normally part of every investigation is the Windows Registry. The Windows Registry is an important component of the OS and...	13.0 parsecs away Travel
\|	\|	thinkdfir.com I can see and hear you seeing and hearing me! - ThinkDFIR	13.7 parsecs away Travel
\|	\|	In preparation for an upcoming FOR500 class I thought I would test out one of the recent additions to the class. This post by my colleague Zach shows that Win10 1903 and later has a registry key that will store the full path of any executable that utilises the computers camera or microphone. Zach shows...	13.7 parsecs away Travel
\|	\|	port139.hatenablog.com SANS?????????? ??????? (3) - @port139 Blog	35.6 parsecs away Travel
\|	\|	????????????????????????????????????????????????????????????????????????????????????????????????????????? RedLine??????????????PID 840???cmd.exe?????????????????MIRAgent.exe???????????????????? MIRAgent?Mandiant????????????????CMD????????????????? ?????CMD.EXE????????????????????????????????????????...	35.6 parsecs away Travel
\|	\|	www.sonatype.com Fake IP checker utilities on npm are crypto stealers	81.8 parsecs away Travel
\|		Crypto stealers are posing as IP checker utilities on npm, targeting Windows, Linux and macOS users with new open source malware campaigns.	81.8 parsecs away Travel