-
Mar 19, 2018
The problem is always the same: all data stored in volatile memory can be extracted with the correct tools/techniques. I've already written a lot of posts about Volatility and mimikatz; today I want to write something about KeeFarce.… read more »
-
Mar 16, 2018
Simple, but effective! The Pomodoro technique is a productivity method that uses timers and breaks, emphasizing working in focused bursts. Developed in the 1980s by Francesco Cirillo, the Pomodoro technique is based on a simple concept: write down a task,… read more »
-
Mar 14, 2018
From my point of view, SIFT is the definitive forensic toolkit! The SIFT Workstation is a collection of tools for forensic investigators and incident responders, put together and maintained by a team at SANS and specifically Rob Lee, also available bundled… read more »
-
Mar 12, 2018
Nmap is the best-known port scanner, written and maintained by Gordon Lyon (Fyodor). It can be used for network discovery and for most security enumeration during the initial stages of penetration testing. Nmap has a multitude of options and… read more »
-
Mar 9, 2018
For several years I've played classical guitar in the traditional way... but some years ago I fell in love with the sonority of nylon guitar played with only the fingertips. So, I cut my fingernails and started to rebuild my right-hand… read more »
-
Mar 7, 2018
Some months ago a serious vulnerability in Exim was disclosed (CVE-2017-16943), and in the last few hours Meh Chang (from devco.re) discovered a buffer overflow that allows remote command execution on this MTA. As of March 2017, the total number… read more »
-
Mar 5, 2018
2018's security trends: malicious cryptomining. Malicious cryptomining, also sometimes called drive-by mining, is when someone else is using your computer to mine cryptocurrency like Bitcoin or Monero: essentially, they are stealing your resources to make money.… read more »
-
Mar 2, 2018
In a comment on my article "Volatility, my own cheatsheet (Part 3): Process Memory", Fabrizio asked me: [...] from a memory dump of a Win7 system, I found that notepad was running; is it possible to view its contents? ([...]… read more »