Following on from the previous [DFIR TOOLS] posts: [DFIR TOOLS] Timeline Explorer, what is it & how to use! and [DFIR TOOLS] AmcacheParser, what is it & how to use. This time I will speak about AppCompatCacheParser, again from the Eric Zimmerman suite. We will start with Eric's description of its purpose:- AppCompatCache aka ShimCache parser. Handles…

[DFIR TOOLS] AmcacheParser, what is it & how to use!
Following on from the previous [DFIR TOOLS] posts below, this time I will speak about AmcacheParser, again from the Eric Zimmerman suite. [DFIR TOOLS] Timeline Explorer, what is it & how to use! We will start with Eric's description of its purpose:- “Amcache.hve parser with lots of extra features. Handles locked files” But what is…

Interview with 13Cubed who is also DFIR Investigator for Microsoft Richard Davis.
Hello, for this interview I am pleased to share someone who is one of the two people that have been so important in my learning the DFIR skills outwith my work colleagues. His name is Richard Davis but you will know him as 13Cubed. Along with Eric Zimmerman for his tools, Richard’s videos have been…

[DFIR TOOLS] Timeline Explorer, what is it & how to use!
I am going to try something different for this post and the other I plan to do in this type of upcoming articles because I plan to speak about different tools in ‘Digital Forensics & Incident Response’ starting with all the tools by Eric Zimmerman and then moving on to others. Partly this is for…

Interview with DFIR DIVA Blogger of all things DFIR, Creator of Get Your Start in DFIR and DFIR Analyst.
Hello, So the first post after my soft reboot into DFIR could not have worked out any better, this is an interview with Elan Wright otherwise known as DFIR Diva. Elan runs the site ‘DFIR Diva’ and if you haven’t seen it before and want to get into DFIR or are looking for a job,…

Turning more of a focus onto DFIR (Digital Forensics & Incident Response) and Hacking here at The Security Noob!
Hello, so, as it says in the title, I am going to be doing a ‘soft reboot’ of the website and making my blog more DFIR/Hacking focused, specifically dedicated to those subjects, and will try to explain here why and speak about some posts and interviews that I have planned. When it comes to most careers…

HACKING APIS (Breaking Web Application Programming Interfaces) by Corey J Ball for No Starch Press REVIEW
Have been reading through this beauty of a book from Corey Ball. Who is the Author Corey Ball? “Corey Ball is a cybersecurity consulting manager at Moss Adams, where he leads penetration testing services. He has over 10 years of experience working in IT and cybersecurity across several industries, including aerospace, agribusiness, energy, fintech, government…

Week Eleven of EC-Council Certified Incident Handler (ECIH) Version 2 Self-Study Training
Hey guys, if you haven’t read the previous articles, here they are:- Week One, Week Two, Week Three, Week Four, Week Five, Week Six, Week Seven, Week Eight, Week Nine, Week Ten. So, moving onto module 9 and the FINAL MODULE!!!! So, what are we covering in the final module? Introduction to Insider Threats Insider…

Week Ten of EC-Council Certified Incident Handler (ECIH) Version 2 Self-Study Training
Hey guys, if you haven’t read the previous articles, here they are:- Week One, Week Two, Week Three, Week Four, Week Five, Week Six, Week Seven, Week Eight, Week Nine. So, moving onto module 8 and this one is a bit different in that there are NO LABS. Ok, so this module and then 9…

Week Nine of EC-Council Certified Incident Handler (ECIH) Version 2 Self-Study Training
Hey guys, if you haven’t read the previous articles, here they are:- Week One, Week Two, Week Three, Week Four, Week Five, Week Six, Week Seven, Week Eight. So, moving onto module 7, and seeing as we are covering web application security it will come as no surprise that this is the BIGGEST module of…