(120429) #fitalk case studyk-masked file
INSIGHT FORENSIC
2012 F-INSIGHT TALK
1. FORENSIC INSIGHT SEMINAR: Case Studyk #1 w/ volatility (ykei, ykei.egloos.com)
2. (forensicinsight.org, Page 2 / 35) Overview: 1. Background 2. Volatility 3. Log2timeline 4. IIS Log
3. Background
   - Complaint received
   - Scene preservation
4. Volatility
   - Network connections
   - Processes tracking
   - Artifact of infection
   - Binary analysis
5. Volatility, Network connections: vol.py connscan, vol.py sockscan
6. Volatility, Processes tracking: vol.py psscan, vol.py pstree
7. Volatility, Processes tracking: vol.py dlllist
8. Volatility, Processes tracking: vol.py vadinfo, vol.py vaddump
9. Volatility, Processes tracking: Strings on VAD
10. Volatility, Processes tracking: Strings on VAD
11. Volatility, Artifact of infection: Infect vector
12. Volatility, Artifact of infection: Manipulate Timestamp
13. Volatility, Artifact of infection: Register services
14. Volatility, Binary analysis: Basic Information
15. Volatility, Binary analysis: Static & Dynamic analysis
16. Volatility, Binary analysis: Find more evidence
17. Volatility, Binary analysis: Verify artifact and Preserve evidence
18. Log2Timeline
   - RADIUS
   - Manipulate execution chain
   - Explore inside network
   - RDP access
19. Log2Timeline, RADIUS: RADIUS Server Config
20. Log2Timeline, RADIUS: RADIUS Configuration Information
21. Log2Timeline, Manipulate execution chain: Image File Execution Options
22. Log2Timeline, Manipulate execution chain: Detour system tool and suppression vaccine
23. Log2Timeline, Explore inside network: ShellNoRoam Key
24. Log2Timeline, Explore inside network: Check ShellNoRoam
25. Log2Timeline, RDP access: Extract IP and PC Name
26. IIS Log