ElcomSoft Oct 27
Look what we have found: Apple iOS 4 Security Evaluation (2011) :)
Jack Crook 10h
Here's a way to score behaviors that are derived from detections. This search looks for signature clusters across dvc's (dvc_count), total signatures alerted by dvc (sig_count), distinct signature count by dvc (dc_sig_count). Finally it generates an overall weight.
Ryan Benson Oct 25
299: The just went live! Check it out for some mobile forensics challenges! 🔗 Even if you are new to analyzing phones, give it a try. There's no better way to learn than getting your hands dirty.
Jason Hale Oct 29
The latest version of USB Detective is out! Added support for the Windows 10 Storsvc/Diagnostic event log, improved support for Storport devices removed by Windows feature updates, optional detection of non-removable devices, and more!
SANS DFIR 23h
. Blog: The Alexiou Principle
DFIR Training Oct 28
CTFs/forensic test images have been moved to their own page for ease of finding something to practice on or practice with. There are dozens of listings now with hundreds more being added.
deagler4n6 Oct 26
Adam Oct 29
The Alexiou Principle Kudoz to
ElcomSoft 7h
It's Five Hundred Posts in our blog! The 500th post will give you more free tools and resources for digital forensics:
Arsenal Recon 10h
Our law enforcement & military customers have been doing great things with Arsenal Image Mounter’s new DPAPI bypass. Please read this testimonial from Cst. Frawley of the Kingston Police… consider what he accomplished, & what you could as well.
Brett Shavers 🙄 1h
You might be a expert already and not even know it.
🅵🅴🅻🅸🆇 Oct 28
This report contains a lot of details and easily helps teams to get information to action!
Ryan Benson Oct 23
297: You can get free, licensed 7-10 VMs for a variety of platforms at: 🔗 Great resource for tool development and testing!
Jack Crook 9h
Replying to @jackcr
Compromises will generally cause anomalous behavior patterns that can be seen as outliers. Find a way to measure these changes and look for them. It works. I've written about a few methods here: and here:
Maxim Suhanov Oct 25
A new post about how a system clock is set by Windows during the boot and when Windows can ignore it and choose something better.
Ismael Valenzuela 9h
Great write up from on . At we've shared a detailed write-up with behaviors, indicators, and mitigations. As an observation continues to send WOL packets to turn on powered off systems. Details here:
Peter Stewart Oct 26
Week 3 of the was a fun one! Carving video from Motion Photos Write up:
ElcomSoft Oct 27
Extracting the iPhone: (No) Tools Required?
Yuri Gubanov 39m
I had a lot of fun today participating in the Halloween episode of Forensic Lunch (or Launch?) by . Hope our spectators appreciated Belkasoft's Halloween version capable of searching for SCARY THINGS!
marc ochsenmeier Oct 27
Indicators hunting with YARA