Mike Williamson Sep 14
You know you've been staring at hex too long when you start noticing file header signatures on licence plates. 🤓
Nasreddine Bencherchali Sep 14
Forensics Analysis — Windows Artifacts (Part I). A List Of Windows Artifacts To Look For During A Forensics Investigation.
Heather Mahalik Sep 14
Calling women in - how did you get to where you are and what do you wish you had known before you got to this point?
𝙂𝙖𝙧𝙮 𝙃𝙪𝙣𝙩𝙚𝙧 Sep 15
Nothing like an early morning ransomware flight.
Phill Moore Sep 14
Hacker 31337::00101 ⠠⠵ 3h
Windows Forensics Analysis — And
OccupytheWeb Sep 15
Edoardo Gerosa Sep 11
You can now automatically upload all 117 KQL rules from Sentinel ATT&CK to your Sentinel instance thanks to AZSentinel, made by Wortell. We added a JSON file covering all of our rules, see:
Nasreddine Bencherchali 22h
Windows Forensics Analysis — Tools And Resources A Curated List Of Tools And Resources For Windows Forensics Analysis.
Gerry Millette (k41z3n) Sep 14
101: Don’t be a creep
Oxygen Forensics Sep 11
A new Oxygen Forensic Detective with the unbelievable innovations will be released in several weeks. The new version will also support the latest iPhones and Apple iOS 13. Stay tuned!
Dr. Anton Chuvakin Sep 13
"Does Your Incident Evidence Really Lead to Better Intelligence?" <- it's mostly a lamentation post, but it has some useful bits too...
/r/blueteamsec Sep 14
BSidesMCR 2019: Navigating The Red Forest - Derek Price
Harlan, First of his Name Sep 14
Interesting threat hunting lesson for this morning...in this case, there is value in pursuing historical data. There are some who believe threat hunting starts when visibility is implemented, and historical indicators are of little to no value. (1/n)
Ryan Clark Sep 11
Any peer recommendations for a usb-boot, compile, and extraction program that dumps results into a file/folder set on the usb disk? Looking to add a step to the desk's incident response process with 'insert usb, wait 5 minutes, remove usb'
Andrew Case 2h
The more I go to conferences that are not 100% themed, the more I realize how completely disconnected the DFIR and infosec worlds are
DFIR Training Sep 9
A few goodies for you to download or print.
DFIR.Delbs Sep 9
wanted to share this tutorial on using scapy within jupyter notebooks for data analysis. Pretty interesting field for me. Get on it!
Eric Zimmerman Sep 7
KAPE 0.8.7.1 released! This release fixes an issue w\ long paths when using containers, warns if FTK Imager is running (along w\ new switch, --ifw), and adds check for new version of KAPE if Internet connectivity is available (shown at end of run) See changelog for more!
SANS Institute 54m
[Webcast] October 29 at 3:30 PM ET: Join SANS experts and as they report on the SANS 2019 Survey results.