Following on from the previous [DFIR TOOLS] posts. First, let’s see what JumpLists are. Jump Lists are a feature in Microsoft Windows that provide quick access to recently used files, tasks, and specific actions associated with a particular application or program. They were introduced in Windows 7 and have been present in subsequent versions of…

Mastering Linux Security and Hardening: Safeguard Your Linux Systems from Cyber Threats – 3rd Edition by Donald A. Tevault (REVIEW)
In my early career, I ventured into the realm of application support to ensure that the critical software tools, indispensable to the work of geologists and paraphysicists, operated seamlessly. This was the backdrop for my journey into the world of Linux. During those days, the mighty Red Hat Enterprise Linux 5 machine was my…

Cybersecurity, Threats, Malware Trends & Strategies by Tim Rains 2nd Edition REVIEW
In the ever-changing landscape of cyber threats, malware, and data protection, Tim Rains’ book Cybersecurity, Threats, Malware Trends & Strategies provides an invaluable look into the current and future state of cyber security. With a wealth of knowledge and insights garnered from his time as a director at Microsoft’s Cybersecurity Solutions Group, Rains is able…

Practical Linux Forensics, A Guide for Digital Investigators by Bruce Nikkel for No Starch Press REVIEW
This book is a comprehensive and informative guide for those interested in digital forensics and investigations. The book covers a wide range of topics related to forensic analysis of Linux systems, including data acquisition, evidence preservation, and various forensic techniques. It is a fantastic read, even before going deep into it forensically, the digital and…

[DFIR TOOLS] Hasher, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. Hasher is a software application developed by Eric Zimmerman that is used to calculate and compare the hash values of files. A hash value is a unique code that is generated based on the contents of a file. By comparing the hash values of two files, it…

Cybersecurity-Attacks and Defenses Strategies 3rd Edition by Yuri Diogenes & Dr Erdal Ozkaya REVIEW
This book is a little different to the ones I have been reading recently in that it is more general, in the sense that it covers the whole cybersecurity umbrella regarding red and blue teaming and the like. It’s nice every now and then to just read a book like this over…

Network Basics for Hackers by Occupy the Web REVIEW!
Today I get to review another book from Occupy the Web, who I am a big fan of. His books are fantastic, and I have every one that has been released so far, so when this book ‘Networking for Hackers’ was getting released it was a total no brainer in working through it. It couldn’t…

How Linux Works, 3rd Edition by Brian Ward for No Starch Press REVIEW
I have wanted to read this book for a while as I am a self-proclaimed Linux fan boy, I started using it around 15 years ago in 2007 (Ubuntu and Mint), then started supporting Red Hat 5 and a bunch of applications on it in the oil and gas industry which included a 5 day…

Interview With One of the Great DFIR Talents, Alessandro Di Carlo (samaritan_o)
Alessandro is an unbelievable talent in the DFIR world, not only do I look forward to anything he writes either on his own site or over on The DFIR Report but on social media also. He knows his stuff and I just don’t say this because he writes at The DFIR Report who in my…

[DFIR TOOLS] EvtxECmd, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts. This time we are going to talk about one of my favourite tools, EvtxECmd. So, what does Mr Zimmerman say about it:- But it is way more than just that, coupled with ‘Timeline Explorer’ it is a ridiculously powerful tool. Before I get into it there…