The problem is always the same: any data stored in volatile memory can be extracted with the right tools and techniques.
In my opinion, SIFT is the definitive forensic toolkit!
Nmap is the best-known port scanner, written and maintained by Gordon Lyon (Fyodor). It can be used for network discovery and for most security enumeration during the initial stages of penetration testing.
2018’s security trends: malicious cryptomining
Malicious cryptomining, also sometimes called drive-by mining, is when someone else is using your computer to mine cryptocurrency like Bitcoin or Monero: essentially, they are stealing your resources to make money.
In a comment on my article "Volatility, my own cheatsheet (Part 3): Process Memory", Fabrizio asked me: […] da un dump di memoria su un sistema win7, ho rilevato che era in esecuzione notepad, è possibile visualizzarne il contenuto? ([…] from a memory dump on a win7 system, I found out that notepad was running,…
Since 2014, the use of containers has grown considerably in IT, and especially in DevOps.