-
I'm currently trying to figure out how to detect this kind of behavior. However, the tweet is sadly not available anymore!
Does anyone have a copy, or hints for detecting this kind of behavior?
-
Hello, while I was using dfir-toolkit, I noticed that most tools from this project were moved there.
There's however an interesting tool, called [processtree](https://github.com/janstarke/evtxtools…
-
Running on a Mac with Python 3.10.0. Any quick fix suggestions?
user@AdminisatorsMBP cLeapp % python3 cleapp.py --help
Traceback (most recent call last):
File "/Users/user/Desktop/DFIR TOOLS/cL…
-
Hello. I am a security enthusiast who wants to start contributing to OpenEDR.
I am currently working in a well-known XDR solution.
I have a real security background including DFIR, Malware analysi…
-
We would like to make a couple of corrections. Belkasoft does not have a tool called Belkasoft Cloud Extractor - it is the same Belkasoft X that we offer for DFIR. It would also be more accurate if th…
-
I am trying to create module.dwarf in ~/volatility/tools/linux so that I can create a Linux profile, but I am getting the error below:
make -C //lib/modules/5.11.0-36-generic/build CONFIG_DEBUG_INFO=y M="/hom…
-
Under the advanced threat method, we suggest an approach:
* **In-Depth Analysis** - If malware is discovered, but cannot be identified, further analysis will be necessary. This may also trigger a c…
-
We need to define a team number variable for use during playbook deployments so that these playbooks aren't team 4 specific. Audit all roles and fix wherever necessary.
-
Currently, in the user/group/computer modules, timestamped values are displayed in the format DD/mm/YYYYTHH:MM:SS+TZ (e.g. 18-11-2022T14:01:38+0000) for all output formats.
This format is not easily sortab…
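The sortability problem described in the issue above, shown with an added example (my own illustration, not code from the project the issue is about). It assumes the hyphenated day-first form of the example value (`18-11-2022T14:01:38+0000`), uses constructed sample timestamps, and shows that plain string sorting misorders them, whereas re-emitting them as ISO 8601 (year first, UTC) makes lexicographic order equal chronological order:

```python
from datetime import datetime, timezone

# Constructed sample values in the day-first format quoted in the issue.
# They are not taken from the project's output.
SAMPLE_TIMESTAMPS = [
    "18-11-2022T14:01:38+0000",
    "03-01-2023T09:15:00+0000",
    "25-12-2021T23:59:59+0000",
]

# Assumed parse pattern matching the issue's example (day-month-year, 'T',
# time, numeric UTC offset without a colon).
ISSUE_FORMAT = "%d-%m-%YT%H:%M:%S%z"


def parse_issue_timestamp(value: str) -> datetime:
    """Parse a timestamp written in the day-first format shown in the issue."""
    return datetime.strptime(value, ISSUE_FORMAT)


def to_iso8601(value: str) -> str:
    """Re-emit a day-first timestamp as ISO 8601 in UTC.

    Year-first with fixed-width fields, so that string order equals time order.
    The offset is normalised to UTC ('Z') so values with different offsets
    still compare correctly as text.
    """
    parsed = parse_issue_timestamp(value).astimezone(timezone.utc)
    return parsed.strftime("%Y-%m-%dT%H:%M:%SZ")


def string_sort_is_chronological(values) -> bool:
    """True if sorting the raw day-first strings yields chronological order."""
    chronological = sorted(values, key=parse_issue_timestamp)
    return sorted(values) == chronological


def iso_sort_is_chronological(values) -> bool:
    """True if sorting the ISO 8601 re-encodings yields chronological order."""
    chronological = [to_iso8601(v) for v in sorted(values, key=parse_issue_timestamp)]
    return sorted(to_iso8601(v) for v in values) == chronological


if __name__ == "__main__":
    print("raw strings sort chronologically:", string_sort_is_chronological(SAMPLE_TIMESTAMPS))
    print("ISO 8601 strings sort chronologically:", iso_sort_is_chronological(SAMPLE_TIMESTAMPS))
    for v in SAMPLE_TIMESTAMPS:
        print(v, "->", to_iso8601(v))
```

With the three constructed values, sorting the raw strings puts `03-01-2023` first because the day field is compared before the year; the ISO 8601 form orders them 2021, 2022, 2023 as expected, which is what any "sortable" column in CSV or text output needs.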
-
e.g. https://www.pluralsight.com/courses/hack-yourself-first