Background:
During the incident response stage of "Log Collection," it is highly valuable to collect comprehensive data from the servers, especially when the affected system is running Windows OS. [...]
Background:
In a previous article, I discussed the high-level preparations needed to acquire an image of a machine requiring forensic analysis. However, have you considered the caveats related to [...]
Background:
In our previous article, we discussed the preparation needed for the "log collection" stage of incident response, which is essential for the "analysis" stage. We covered how to prepare [...]
Background:
In incident response, knowing how to analyze malware is crucial. Relying only on sandboxes to study malware behavior often isn't enough. Sandboxes might miss important details that could [...]
Background:
Exim is a mail transfer agent designed for Unix-like systems, providing flexible capabilities for managing your own email server. It serves as the entry point for email communication [...]
Background:
Before delving into the scope of leaked hashed passwords, it's important to understand the purpose of hashing. At a high level, hashing is a one-way function that transforms any input [...]