Posts by Tag

dfir

Mobile Phone Codes

1 minute read

Introduction This post aims to consolidate a list of useful smartphone codes

DFIR Playbook - Network Forensics

2 minute read

Introduction This post aims to replicate my physical playbook on Networking and includes the following tools

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

DFIR Playbook - Disk Images

3 minute read

Introduction This post aims to replicate my physical playbook on Disk Images and includes the following tools

Analysing a VMWare Memory image with volatility

2 minute read

Introduction I found recently during a CTF Memory image challenge, that analysing memory images from VMWare wasn’t necessarily as easy as just having the rig...

linux

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

Full Featured IDE For Bash Scripting

less than 1 minute read

Introduction I’ve had a few colleagues ask me how I have a full featured Bash IDE for courses I have developed; so I thought I’d make a post to show people h...

windows

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

oscp

Vmware VMDK mmls partition type

less than 1 minute read

Introduction How to convert vmdk’s that might be compressed when you get the error abender@sift:~$ mmls sample.vmdk Cannot determine partition type abender@s...

OSCP Notes

3 minute read

Introduction A tabled summary of common commands used

offensive

Vmware VMDK mmls partition type

less than 1 minute read

Introduction How to convert vmdk’s that might be compressed when you get the error abender@sift:~$ mmls sample.vmdk Cannot determine partition type abender@s...

OSCP Notes

3 minute read

Introduction A tabled summary of common commands used

sysadmin

Full Featured IDE For Bash Scripting

less than 1 minute read

Introduction I’ve had a few colleagues ask me how I have a full featured Bash IDE for courses I have developed; so I thought I’d make a post to show people h...

debug

Reverse Engineering Crypto Keys - WIP Notes

3 minute read

Preface I am by no means a programming, or RE expert. But I’m going to have a go at explaining the issue of finding the needle in a haystack of an XOR key us...

Full Featured IDE For Bash Scripting

less than 1 minute read

Introduction I’ve had a few colleagues ask me how I have a full featured Bash IDE for courses I have developed; so I thought I’d make a post to show people h...

vmware

Analysing a VMWare Memory image with volatility

2 minute read

Introduction I found recently during a CTF Memory image challenge, that analysing memory images from VMWare wasn’t necessarily as easy as just having the rig...

bash

Full Featured IDE For Bash Scripting

less than 1 minute read

Introduction I’ve had a few colleagues ask me how I have a full featured Bash IDE for courses I have developed; so I thought I’d make a post to show people h...

programming

Reverse Engineering Crypto Keys - WIP Notes

3 minute read

Preface I am by no means a programming, or RE expert. But I’m going to have a go at explaining the issue of finding the needle in a haystack of an XOR key us...

reverse_engineering

Reverse Engineering Crypto Keys - WIP Notes

3 minute read

Preface I am by no means a programming, or RE expert. But I’m going to have a go at explaining the issue of finding the needle in a haystack of an XOR key us...

disk

DFIR Playbook - Disk Images

3 minute read

Introduction This post aims to replicate my physical playbook on Disk Images and includes the following tools

tsk

DFIR Playbook - Disk Images

3 minute read

Introduction This post aims to replicate my physical playbook on Disk Images and includes the following tools

mft

DFIR Playbook - Disk Images

3 minute read

Introduction This post aims to replicate my physical playbook on Disk Images and includes the following tools

timeline

DFIR Playbook - Disk Images

3 minute read

Introduction This post aims to replicate my physical playbook on Disk Images and includes the following tools

memory

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

process

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

malware

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

rootkit

DFIR Playbook - Memory Analysis

6 minute read

Introduction This post aims to replicate my physical playbook on Memory Analysis and includes the following tools

network

DFIR Playbook - Network Forensics

2 minute read

Introduction This post aims to replicate my physical playbook on Networking and includes the following tools

pcap

DFIR Playbook - Network Forensics

2 minute read

Introduction This post aims to replicate my physical playbook on Networking and includes the following tools

netflow

DFIR Playbook - Network Forensics

2 minute read

Introduction This post aims to replicate my physical playbook on Networking and includes the following tools

mobile

Mobile Phone Codes

1 minute read

Introduction This post aims to consolidate a list of useful smartphone codes

verification
