  • Boost your console productivity on tmux

    With “Oh My Tmux!”, a self-contained, pretty and versatile tmux configuration file. tmux is a tool that can be used to multiplex several virtual consoles, allowing a user to access multiple separate terminal sessions inside a single terminal window… read more »
  • “This is what the future will look like”

    A really inspiring post written by Udo Gollub. Yesterday, on my Facebook stream, I’ve seen this post: https://www.facebook.com/alessandro.mininno/posts/1388047444576236 It’s the Italian translation of a post made by Udo Gollub on his profile. I think that is a really interesting reading, and… read more »
  • Volatility, my own cheatsheet (Part 6): Windows Registry

    Volatility has the ability to carve the Windows registry data. (Other articles about Volatility: https://www.andreafortuna.org/category/volatility) hivescan: to find the physical addresses of CMHIVEs (registry hives) in memory, use the hivescan command. For more information: Enumerating Registry Hives. The Windows registry can… read more »
  • FLARE VM: a Windows-based security distribution for malware analysis, incident response and…

    A fully configured platform with open source tools. FLARE VM is a freely available and open-sourced Windows-based security distribution for reverse engineering, malware analysis, incident response, forensic analysis, and penetration tests. FLARE VM delivers a fully configured platform with a… read more »
  • bulk_extractor: extract useful information without parsing the file system

    A fast and thorough forensic tool. bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system structure. Using this approach, bulk_extractor is faster… read more »
  • Volatility, my own cheatsheet (Part 5): Networking

    This time we try to analyze the network connections, valuable material during the analysis phase. connections: to view TCP connections that were active at the time of the memory acquisition, use the connections command. This walks the singly-linked list of… read more »
  • BaTbot: Telegram Bot written in bash script

    Can I manage my home-server using Telegram? batbot.sh is a bash Telegram Bot developed by Andrea Menin. It can reply to user messages, execute commands, and other cool features. https://www.youtube.com/watch?v=CZbD49nzWSE Usage: ./botbat.sh [-t "<token>"] [-c <seconds>] ./botbat.sh -h -t Set… read more »
  • How to recover event logs from a Windows memory image

    Using Volatility and EVTXtract. Usually I use a different approach based on Windows version: Windows XP and 2003 machines: simply use the evtlogs plugin of Volatility. The evtlogs command extracts and parses binary event logs from memory. Binary event logs are… read more »