• Nov 29, 2020

    Musics for a Game Never Born

    Several year ago (at least 15), I've been involved in a exciting project: the development of a video game. Not as developer, but as musician! The game was an old-style platform, but with a realistic physic. When I began collaboration… read more »
  • Nov 25, 2020

    iOS Forensic: full disk acquisition using checkra1n jailbreak

    A simple step-to-step tutorial for iOS full acquisition. The release of Checkm8 iOS exploit, in september 2019, was a bit topic: an exploit could be used on every iOS device made over an approximately 5-year period had major consequences. Checkm8… read more »
  • Nov 22, 2020

    How to detect Cobalt Strike activities in memory forensics

    A brief update on Cobalt Strike detection in forensics analysis, with a couple of new resources. Some days ago I've published some informations about CobaltStrikeScan [1], a useful tool to identify Cobalt Strike beacons in processes memory, today l'd like… read more »
  • Nov 16, 2020

    Jeffrey Paul: your computer isn't yours

    Some privacy concerns about Apple Silicon and MacOs Big Sur. The latest features added by Big Sur in combo with the Silicon M1 processor have some dirty little secrets. A path started some time ago and now completed with a… read more »
  • Nov 15, 2020

    FAMA: Forensic Analysis For Mobile Apps

    FAMA (Forensic Analysis For Mobile Apps) is a forensic framework developed in Python (2.7+) by Lab of Cybersecurity and Digital Forensics at IPLeiria (LabCIF). FAMA is an Android extraction and analysis framework, useful for easily dump user data from a device… read more »
  • Nov 11, 2020

    Privacy Roundup #18

    “It's dangerous when people are willing to give up their privacy.“ - Noam Chomsky Chrome to block tab-nabbing attacks Google will deploy a new security feature in Chrome next year to prevent tab-nabbing, a type of web attack that allows… read more »
  • Nov 8, 2020

    Linux Forensics: Memory Capture and Analysis

    In my previous posts I often covered many tools and techniques that allows memory acquisition from a Windows system. However, I written few articles about Linux memory acquisition and analysis, only one brief post regarding memory profiles generation on Linux, using LiME. So, today I’d like… read more »
  • Nov 3, 2020

    CobaltStrikeScan: identify CobaltStrike beacons in processes memory

    Cobalt Strike was born as a penetration testing tool, useful for Red Teaming activities. However, several threat actors started using it in real attacks. So, a proper detection of Cobal Strike activities during an incidend respose process is extremely important.… read more »