Andrea Fortuna
  • Apr 23, 2018

    WSLtty: a better terminal emulator for Windows Subsystem for Linux

    The Windows Subsystem for Linux (WSL) is a great feature introduced in Windows 10. It is a compatibility layer for running Linux binary executables natively on Windows 10, and allows the use of a rather real Linux installation, without using a… read more »
  • Apr 20, 2018

    Paul Galbraith, an unconventional technique for an unconventional guitar

    Paul Galbraith is an outstanding artist, especially in his interpretation of J.S. Bach. Galbraith, with the help of the great luthier David Rubio, has developed an entirely new type of guitar, the “Brahms guitar”,  with eight strings (it adds a… read more »
  • Apr 18, 2018

    Some useful scripts for extraction and correlation of forensic artifacts in Windows Registry

    Some interesting scripts, probably outdated but still useful. In 2012 Jacky Fox, in her MSc dissertation, focused on extraction and correlation of Windows registry artifacts. During her research she developed a set of bash scripts for forensic interpretation of Windows… read more »
  • Apr 16, 2018

    Ten command line tools for manipulate JSON arrays

    It's not a mystery: raw JSON is not really readable! So, when you need to process a JSON array from the command line, it's a good idea to use some helpful tools. Here is my own shortlist of command line tools for JSON… read more »
  • Apr 13, 2018

    Why do cats do that?

    A funny and interesting TED-ED Talk! (post image courtesy of Ivo The Cat) I've never made a secret of my love for cats, and I really enjoyed this TED talk in which Tony Buffington explains the science behind some of… read more »
  • Apr 11, 2018

    How to mount an EWF image file (E01) on Linux

    Often, during a forensic analysis, you may need to explore an EWF image (usually a file with .E0X extension) in order to extract some artifacts. EWF files (Expert Witness Format) are a type of disk image that contains the contents… read more »
  • Apr 9, 2018

    Digital Forensic: the Chain of Custody

    My own suggestions about keeping a Digital Chain of Custody. In a forensic scope, the "chain of custody" refers to the chronological documentation or paper trail that records the sequence of custody, control, transfer, analysis, and disposition of physical or electronic… read more »
  • Apr 6, 2018

    Guitar tips: How to practice productively

    Effective practice isn't just a physical exercise: most of the effectiveness is in the mind too. From my point of view, it is really important to understand that playing and practicing guitar are not the same thing. When you are playing… read more »
  • Apr 4, 2018

    How to find unsecured S3 buckets: some useful tools

    Services like Amazon’s S3 have made it easier and cheaper than ever to store large quantities of data in the cloud. Used properly, S3 buckets are a useful tool; however, a lot of companies fail to implement basic security resulting… read more »
  • Mar 30, 2018

    Guitar tips: slur exercises on groups of two notes

    Left hand slurs are an essential part of a good technical practice. In this first post I will share one of my own slur exercises, involving two fingers. Slur practice can be very fatiguing. I would recommend practicing slow and… read more »
  • Mar 28, 2018

    What is the China Chopper Webshell, and how to find it on a compromised system?

    Some days ago, during a chat with a friend who works in a small software development company, the topic of webshells came up. During the migration of a production system, my friend found some suspicious .php files, which turned out… read more »
  • Mar 26, 2018

    Retrieving NTLM Hashes without touching LSASS: the “Internal Monologue" Attack

    A new technique, called "Internal Monologue Attack", allows an attack similar to Mimikatz without dumping the memory area of the LSASS process, avoiding antivirus and Windows Credential Guard. Mimikatz is a well-known tool which allows attackers to extract plain text passwords from LSASS… read more »
  • Mar 23, 2018

    Abel Carlevaro: his technique, his guitar, his Microstudies

    Sometimes, YouTube suggests guitar-related videos to me, and in most cases they are very interesting content. Yesterday, the first suggestion was a long video lesson by Abel Carlevaro: I believe it is a good idea to share it. Who is Abel Carlevaro? Abel… read more »
  • Mar 21, 2018

    Facebook and Cambridge Analytica: data breach or business model?

    Some thoughts about Cambridge Analytica and Facebook privacy settings. Recently Facebook revealed in a blog post that it suspended Cambridge Analytica and Strategic Communication Laboratories accounts for illegally accessing and sharing user data more than two years ago. Cambridge Analytica… read more »
  • Mar 19, 2018

    Do you think your passwords are in a safe place using a password manager?

    The problem is always the same: any data that is stored in volatile memory can be extracted with the correct tools/techniques. I've already written a lot of posts about Volatility and Mimikatz; today I want to write something about KeeFarce.… read more »
  • Mar 16, 2018

    The Pomodoro technique for musicians

    Simple, but effective! The Pomodoro technique is a productivity method that uses timers and breaks, emphasizing working in focused bursts. Developed in the 1980s by Francesco Cirillo, the Pomodoro technique is based on a simple concept: write down a task,… read more »
  • Mar 14, 2018

    What is SIFT Workstation and how install it on my Linux (or Windows) system?

    From my point of view, SIFT is the definitive forensic toolkit! The SIFT Workstation is a collection of tools for forensic investigators and incident responders, put together and maintained by a team at SANS and specifically Rob Lee, also available bundled… read more »
  • Mar 12, 2018

    Nmap: my own cheatsheet

    Nmap is the best-known port scanner, written and maintained by Gordon Lyon (Fyodor). It can be used for network discovery and for most security enumeration during the initial stages of penetration testing. Nmap has a multitude of options and… read more »
  • Mar 9, 2018

    Classical Guitar without fingernails: the value of the left hand

    For several years I played classical guitar in the traditional way... but some years ago I fell in love with the sonority of nylon guitar played with only the fingertips. So, I cut my fingernails and started to rebuild my right-hand… read more »
  • Mar 7, 2018

    CVE-2018-6789 - Oops! Another RCE vulnerability on EXIM!

    Some months ago a serious vulnerability in EXIM was disclosed (CVE-2017-16943), and in the last few hours Meh Chang (from devco.re) discovered a buffer overflow that allows remote command execution on this MTA. As of March 2017, the total number… read more »


Cybersecurity expert, software developer, experienced digital forensic analyst, musician