Digital Forensics & Incident Response
Search
⌃
K
Digital Forensics & Incident Response
Search
⌃
K
Welcome
General Notes
Install and Configure ZeroTier client
S3FS Fuse and MinIO
Enable nested VT-X/AMD-V
mitm proxy
Exploring Volume Shadow Copies Manually
Resize VMDK/VDI
Resize VMDK on ESXi
Convert raw to vmdk
Favicon hashing and hunting with Shodan
WinRM/RemotePS
MinIO/S3/R2 ghost files
Mount E01 containing VMDK/XFS from RHEL system
Disk images for various filesystems and configurations
VirtualBox adapters greyed out
Microsoft Defender KQL
Introduction to KQL
Windows Forensics
PsExec
Security Patch/KB Install Date
Linux Forensics
Inspecting RPM/DEB packages
Common Locations
ESXi Forensics
Understanding ESXi
General Notes
Triage and Imaging
ESXi VMFS Exploration
Export OVF from ESXi using OVF Tool
Identification, acquisition, and examination of iSCSI LUNs and VMFS datastores
Memory Forensics
Volatility
Acquisition
Incident Response
VirusTotal & hash lists
Unix-like Artifacts Collector (UAC)
Acquiring Linux VPS via SSH
AVML dump to SMB / AWS
China Chopper webshell
Logging Powershell activities
Compromised UniFi Controller
AnyDesk Remote Access
Mounting UFS VMDK from NetScaler/Citrix ADC
iOS Forensics
Checkm8 / checkra1n acquisitions/extractions
CTF / Challenges
DEFCON 2019 forensics
Tomcat shells
Magnet Weekly CTF
DFIR Madness CTF
Log Files
Windows
Malware Analysis
Identifying UPX packed ELF, decompressing, fixing, and analysing Linux malware
PDF Analysis
Walking the VAD tree
OpenCTI
What is CTI/OpenCTI?
Setting up OpenCTI
Container Management
Configure Connectors
Vulnerability Management
Setting Up Nessus (Essentials)
Troubleshooting
Privacy
Powered By
GitBook
PDF Analysis
GitHub - filipi86/MalwareAnalysis-in-PDF: Malicious PDF files recently considered one of the most dangerous threats to the system security. The flexible code-bearing vector of the PDF format enables to attacker to carry out malicious code on the computer system for user exploitation.
GitHub
Malware Analysis - Previous
Identifying UPX packed ELF, decompressing, fixing, and analysing Linux malware
Next
Walking the VAD tree
Last modified
2yr ago
