![[DFIR TOOLS] AmcacheParser, what is it & how to use!](https://i0.wp.com/thesecuritynoob.com/wp-content/uploads/2022/09/image-5.png?fit=768%2C441&ssl=1)
Following on from the previous [DFIR TOOLS] posts below, this time I will speak about AmcacheParser again from the Eric Zimmerman suite. [DFIR TOOLS] Timeline Explorer, what is it & how to use! We will start with Erics description on its purpose:- “Amcache.hve parser with lots of extra features. Handles locked files” But what is…
Hello, For this interview I am pleased to share someone who is one of the two people that have been so important in my learning the DFIR skills outwith my work colleagues. His name is Richard Davis but you will know him as 13Cubed, along with Eric Zimmerman for his tools Richard’s videos have been…
![[DFIR TOOLS] Timeline Explorer, what is it & how to use!](https://i0.wp.com/thesecuritynoob.com/wp-content/uploads/2022/09/image.png?fit=768%2C459&ssl=1)
I am going to try something different for this post and the other I plan to do in this type of upcoming articles because I plan to speak about different tools in ‘Digital Forensics & Incident Response’ starting with all the tools by Eric Zimmerman and then moving on to others. Partly this is for…
Hello, So the first post after my soft reboot into DFIR could not have worked out any better, this is an interview with Elan Wright otherwise known as DFIR Diva. Elan runs the site ‘DFIR Diva’ and if you haven’t seen it before and want to get into DFIR or are looking for a job,…
Hello, So, as it says in the title I am going to be doing a ‘soft reboot’ of the website and making my blog more DFIR/Hacking specifically dedicated to that subjects and will try to explain here why and speak about some posts and interviews that I have planned. When it comes to most careers…
Have been reading through this beauty of a book from Corey Ball. Who is the Author Corey Ball? “Corey Ball is a cybersecurity consulting manager at Moss Adams, where he leads penetration testing services. He has over 10 years of experience working in IT and cybersecurity across several industries, including aerospace, agribusiness, energy, fintech, government…
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four Week Five Week Six Week Seven Week Eight Week Nine Week Ten So, moving onto module 9 and the FINAL MODULE!!!! So, what are we covering in the final module? Introduction to Insider Threats Insider…
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four Week Five Week Six Week Seven Week Eight Week Nine So, moving onto module 8 and this one is a bit different in that there are NO LABS. Ok, so this module and then 9…
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four Week Five Week Six Week Seven Week Eight So, moving onto module 7 and seeing as we are covering web application security it will come as no surprise that this is the BIGGEST module of…
Welcome back to another interview and thanks as always for popping in. I had the chance to speak to someone I really like and rate highly and is one of the really good guys, I am lucky to interview loads of great people and have yet to come across anyone that I haven’t really got…
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four Week Five Week Six Week Seven So, moving onto module 6. Introduction to Network Security Incident Common Network Security Incidents Need for Network Security Incident Handling and Response Preparation for Handling Network Security Incidents Preparation…
In looking out for people to interview for this site it came about and still is to this day just me wanting to speak to people I am fascinated with and want to ask questions too and one of them is Griffin. He is an investigator with over 20 years’ experience with a background resolving…
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four Week Five Week Six So, moving onto module 5 ‘Handling and Responding to Email Security Incidents’ and I am expecting to breeze through this as it’s the one I have done most work previously on….
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four Week Five So, moving onto module 4 ‘Handling and Responding to Malware Incidents’. Understand the concept of malware incident response (IR) Define different types of malware and their propagation Discuss preparation required to handle malware…
Hey guys, If you haven’t read the previous articles here they are:- Week One Week Two Week Three Week Four I finished the MITRE ATT&CK stuff I was working on separate from my ECIH so am now back and raring to go on ‘Module 03 Forensic Readiness and First Response’ which I was really looking…
