-
![image](https://user-images.githubusercontent.com/12653147/32416876-365ba212-c28b-11e7-9982-69b92e2a8e90.png)
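When I was young I often watched an older friend plant Gray Pigeon (灰鸽子) trojans, run QQ phishing, and so on. In 2013 I got my own computer, and around November I went looking for all kinds of toolkits; after that I often stayed up deep into the night, still with nothing to show for it. With many other matters getting in the way there were interruptions from time to time, but I never dared to stop. From November 2016 onward…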
-
Hi Alan,
CDQR Version: 20191226 errors out when used with Plaso Version: 20220428. Replicated on Ubuntu 20.04 and Kali 2022.2.
* Error message: "log2timeline.py: error: unrecognized arguments: Res…
-
TL;DR: using MemProcFS Yara from Rust results in SIGSEGV
I am using yarac 4.5.0 (https://github.com/VirusTotal/yara/archive/refs/tags/v4.5.0.tar.gz compiled from source)
to compile the YARA forge …
-
Hi,
During the forensics process, a host/hypervisor Velociraptor does not do forensics for the docker image filesystem.
For example:
* acquire bash history from the docker image.
* reveal crontab…
-
It's probably a good idea to have a github action that calculates unit test coverage. Raising this issue to track ideas and any implementation.
-
If you run it like this, then the extended disk appears, but if you run a full-fledged script through PowerShell, nothing happens.
good > C:\MemProcFS-Analyzer-v1.0\Tools\MemProcFS>MemProcFS.exe -de…
-
# Background
Ticketing systems are ubiquitous in nearly every organization. They are a primary mechanism that humans (users) use to navigate through a workflow or business process, while documenting …
-
Thank you for taking your time to read this!
I am using an Android emulator to create a memory dump, in order for me to create a profile in Volatility and then analyze the memory dump.
Device: Pixe…
-
C:\Users\Dennis\Desktop\Forensics Tools\volatility3-2.5.0> python.exe .\vol.py -f "C:\Users\Dennis\Downloads\memdump.mem" windows.vadyarascan --yara-file .\stringsearch.yar
Volatility 3 Framework 2.5…
-
# Daily Security News (2023-08-20)
- SecWiki News
- [ ] [SecWiki News 2023-08-19 Review](http://www.sec-wiki.com/?2023-08-19)
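- Xianzhi Security Technology Community
- [ ] [Tenda firmware stack overflow vulnerability discovery, with an introduction to common IoT tools and their use](https://xz.aliyun.com/t/12793)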
- […