[How To] Digital Forensic Memory Analysis - strings, grep and photorec
This week we will show how to use basic data processing tools strings, grep and photorec to start an analysis of a Random Access Memory (RAM) image, even if ...
Recent posts
What I’m Reading - A functional reference model of passive systems for tracing network traffic
What I’m Reading: Today we are talking about ‘A functional reference model of passive systems for tracing network traffic’ by Thomas E. Daniels. This paper d...
How To - Forensic Memory Acquisition in Linux with LiME
This week we will be using LiME to acquire a memory image in a suspect Linux system. LiME is a loadable kernel module that needs to be compiled based on the ...
[How To] Forensic Data Recovery in Linux - tsk_recover
This week we will talk about The Sleuth Kit, and specifically the tool tsk_recover. tsk_recover is a useful tool for allocated and unallocated file recovery....
No More Ransom - Detecting and unlocking ransomware without paying
Data is valuable. Ransomware takes advantage of the financial or sentimental value of our data, as well as the fact that most homes and organizations do not ...