Negative Decimal DWORD to Human Format
Introduction
Recent Posts
DFIR Playbook - Windows Forensics(WIP APR21)
Last Updated
Mobile Phone Codes
Introduction This post aims to consolidate a list of useful smartphone codes
DFIR Playbook - Network Forensics
Introduction This post aims to replicate my physical playbook on Networking and includes the following tools
DFIR Playbook - Memory Analysis
Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools
Vmware VMDK mmls partition type
Introduction How to convert vmdk’s that might be compressed when you get the error abender@sift:~$ mmls sample.vmdk Cannot determine partition type abender@s...
DFIR Playbook - Disk Images
Introduction This post aims to replicate my physical playbook on Disk Images and includes the following tools
Reverse Engineering Crypto Keys - WIP Notes
Preface I am by no means a programming, or RE expert. But I’m going to have a go at explaining the issue of finding the needle in a haystack of an XOR key us...
Full Featured IDE For Bash Scripting
Introduction I’ve had a few colleagues ask me how I have a full featured Bash IDE for courses I have developed; So I thought i’d make a post to show people h...
Analysing a VMWare Memory image with volatility
Introduction I found recently during a CTF Memory image challenge, that analysing memory images from VMWare wasn’t necessarily as easy as just having the rig...