Run Sigma rules on a live machine with DRONE

Sigma is a community effort to write detections for IoCs, and now with DRONE, you can scan for these IoCs on a live machine. Typically, Sigma rules are designed to be executed or scanned against SIEM logs, but with DRONE, …

Using Network Capture with Binalyze AIR

Steve: Good afternoon, everyone, and welcome to our “Network Capture Using Binalyze AIR” workshop. We have two people on the call today, so we have Emre who I guess you’re all pretty familiar with, who’s the founder and CEO of …

AIR From Binalyze

Modern forensic data acquisition in enterprise environments requires constant evaluation of approach, methods, tools and tactics. Multiple different ways of acquiring both logical and physical images from remote sources in corporate environments have been developed throughout the years, from deployment …

How To Use AXIOM In Malware Investigations: Part II

Hey everyone, Tara Nelson here with Magnet Forensics. Today I’m going to give a little insight into how AXIOM can help with some of your day-to-day investigations. In this video we’re going to talk a little bit about malware investigations. …

Dissecting Malicious Network Traffic To Identify Botnet Communication

by Swasti Bhushan Deb

Botnets are well-known in the domains of information security, digital forensics and incident response for hosting illegal data, launching DDoS attacks, stealing information, spamming, bitcoin mining, spreading ransomware, launching brute force attacks, managing remote access to …

Asking A VPS To Image Itself

by Chris Cohen

There is a Linux Virtual Private Server (VPS) that you have been tasked to collect using a forensically sound method while ensuring confidentiality, integrity and availability. You have the password for a user who has SSH access …

10 DFIR Blogs You Don’t Want to Miss

by Christa M. Miller

Digital forensics is a tough job. Forensicators must evolve as rapidly as the technology does, which means being in a constant state of learning. Formal education is costly and can’t keep up. The next best alternative: …

Current Challenges In Digital Forensics

What is the most urgent question facing digital forensics today? That in itself is not a question with a straightforward answer. At conferences and in research papers, academics and forensic practitioners around the world converge to anticipate the future of …

Linux Timestamps, Oh boy!

Timestamps are critical for analysts. They usually deal with several different filesystems, and understanding how file timestamps work on each one is crucial to their work.

If you do an online search for Linux timestamps, you’ll get a ton of information …