Andrea Fortuna
AboutSearch
Tools
DFIR Toolkit OSINT Toolkit
  • Jul 21, 2017

    BaTbot: Telegram Bot written in bash script

    Can i manage my home-server using Telegram? … read more »
  • Jul 20, 2017

    How to recover event logs from a Windows memory image

    Using Volatility and EVTXtract … read more »
  • Jul 19, 2017

    XRay: a great network <a href="https://www.andreafortuna.org/tagged/osint" target="_blank">OSINT</a> gathering tool

    Really useful in the first phases of a penetration test … read more »
  • Jul 18, 2017

    How to extract data and timeline from Master File Table on NTFS filesystem

    The most important file in a NTFS filesystem … read more »
  • Jul 17, 2017

    Volatility, my own cheatsheet (Part 4): Kernel Memory and Objects

    Let’s go down a bit more deeply in the system, and let’s go to find kernel modules into the memory dump. … read more »
  • Jul 16, 2017

    “Light of the Seven” from Game Of Thrones soundtrack: my guitar transcription

    A simple piece, good for novice students … read more »
  • Jul 14, 2017

    Ultra-Geek Linux Laptop: my own setup

    Some days ago i’ve written a post about the “Ultra-Geek” Linux Workstation developed by Joe Nelson. … read more »
  • Jul 13, 2017

    jq: a lightweight and flexible command-line JSON processor

    Like ‘sed’, for JSON data … read more »
  • Jul 12, 2017

    Hindsight: Internet history forensics for Google Chrome/Chromium

    An Open Source tool for analyzing web artifacts. … read more »
  • Jul 11, 2017

    Bitscout — The Free Remote Digital Forensics Tool Builder

    Kaspersky Releases an Open Source Digital Forensics Tool … read more »
  • Jul 10, 2017

    Volatility, my own cheatsheet (Part 3): Process Memory

    Let’s try to analyze the memory in more detail… … read more »
  • Jul 7, 2017

    The secret reason we eat meat

    Why do humans eat meat? … read more »
  • Jul 6, 2017

    Malware persistence techniques

    Once executed on target system, a malware try to hide itself and achieving persistence on the exploited machine, in order to continue to act even after system reboot. … read more »
  • Jul 5, 2017

    Andres Segovia concert on Italian television

    A valuable historical document … read more »
  • Jul 4, 2017

    Fileless Malware for Dummies

    Just some random thoughts about this kind of threat … read more »
  • Jul 3, 2017

    Volatility, my own cheatsheet (Part 2): Processes and DLLs

    Once identified the correct profile, we can start to analyze the processes in the memory and, when the dump come from a windows system, the loaded DLLs. … read more »
  • Jun 30, 2017

    Information gathering tools

    Using OSINT sources for penetration testing … read more »
  • Jun 29, 2017

    Python for malware analysis

    Six Python tools useful for identify and analyse malware … read more »
  • Jun 28, 2017

    Petya/Notpetya ransomware: we have a vaccine!

    Just create a file in c:\windows! … read more »
  • Jun 28, 2017

    Extract filesystem bodyfile from a VirtualBox VM

    Using vboxmanage and some tools from SleuthKit … read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna

Cybersecurity expert, software developer, experienced digital forensic analyst, musician