Background:
During incident response, time constraints can make it difficult to fully understand the scope of an incident. This challenge becomes even greater when our existing toolset does not [...] Read more
Background: In our previous article, we discussed and compared various tools that facilitate the acquisition of volatile memory . In this article we are going to cover final part of our challenge to [...] Read more
Background:
During the incident containment stage, there may be situations where it is necessary to acquire a volatile dump of RAM from hardware. Since we have already covered memory acquisition on [...] Read more
Background:
In a previous article, we discussed the method for creating a USB flash drive to acquire forensic images. In this article, I'll explain how to leverage the previously created tool during [...] Read more
Background:
Incident response is divided into two parts: hands-on activities and management activities. We have discussed hands-on activities extensively. However, if we want to present the activity [...] Read more
Background:
Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...] Read more
Background:
When an incident occurs in your environment, you should be prepared to respond effectively from the perspectives of people, processes, and technologies. Proper preparation ensures a [...] Read more
Background:
In incident response log collection, you might encounter situations where EDR/XDR solutions or log collectors are not present on a machine. Additionally, some syslogs might be missing. [...] Read more
Background:
In the previous article, we discussed how files are stored inside drives and highlighted the essential metrics to consider after acquiring the storage footprint. Now, we will dive deeper [...] Read more
Background:
In one of our previous articles, I've introduced the process of preparing a USB drive/tool for forensic analysis. Now, it is time to delve one level deeper and explore the key points that [...] Read more
![Linux Volatile Memory Forensics: Key Caveats in Acquisition and Analysis [PART 2 Final]](https://threat.boutique/content/images/20250817093533-ban.png)
![Linux Volatile Memory Forensics: Key Caveats in Acquisition and Analysis [PART1]](https://threat.boutique/content/images/20250809123618-ram.jpg)
![Challenges of Digital Drives: File Recovery in Practice Without Expensive Tools [ Final Part ]](https://threat.boutique/content/images/20250322122646-Forensic.webp)
