My cup runneth over with technical ForSec blog posts! Some of these reach back a ways…
- auto_rip, tr3secure_collection & DFS updates - Journey Into Incident Response - Corey Harrell
- Links - Windows Incident Response Blog - Harlan Carvey - Neat tool noted Thunderbird! - Parser via Mari DeGrazia and her wonderfully detailed blog postings.
- Updates - Windows Incident Response Blog - Harlan Carvey
- RegRipper - Windows Incident Response Blog - Harlan Carvey
- File system ops, effects on MFT records - Windows Incident Response Blog - Harlan Carvey
- File system ops, testing phase 2 - Windows Incident Response Blog - Harlan Carvey
- Random Stuff - Windows Incident Response Blog - Harlan Carvey
- What does that "look like"? - Windows Incident Response Blog - Harlan Carvey
- What Does That Look Like, Pt II - Windows Incident Response Blog - Harlan Carvey
- Windows Phone 8 and RegRipper - Windows Incident Response Blog - Harlan Carvey
- Be SMART - Forensic 4:cast - Lee Whitfield explores the value in SMART data culled from hard drives in an incident response.
- RegRipper Ripper (3R) and the list of reg keys covered by RR plugins – update - Hexacorn blog
- List of keys parsed by RegRipper Plugins /Generated by 3R - RegRipper Ripper v0.1/ - Hexacorn blog
- Beyond good ol' Run Key - post archive - 1-10 - Hexacorn blog - Get caught up here if you aren’t already following this excellent series! Microsoft’s Sysinternals Autoruns tool can’t always tell you everything and some of these auto-start/persistence techniques are downright clever.
- Beyond good ol’ Run key, Part 11 - Hexacorn blog
- Beyond good ol’ Run key, Part 12 - Hexacorn blog
- Beyond good ol’ Run key, Part 13 - Hexacorn blog
- Beyond good ol’ Run key, Part 14 - Hexacorn blog
- Beyond good ol’ Run key, Part 15 - Hexacorn blog
- Beyond good ol’ Run key, Part 16 - Hexacorn blog
- Beyond good ol’ Run key, Part 17 - Hexacorn blog
- Upatre’s gadgetry - Hexacorn blog
- RCE: List of 64-bit tools - Hexacorn blog - PE analysis tools of note.
- Command Line Fun - HandlerDiaries post by “jackercr” - The post focuses on using grep to sort through data and then leveraging that work with additional tools.
- Introducing Filescanner.exe - Didier Stevens
Cheers,
--Claus Valca