T-Warz is our new CTF going live at TechnoSecurity East this year! This isn’t your ordinary CTF, it’s a #Cyberwarzone! If you’re up for a challenge, join us. Don’t miss out! #DFIR #Cybersecurity #CTF

www.technosecurity.us/east/confere...

#dfir #DF #linux #cybersecurity

Specifically, around line 800, curl commands querying usernames, kernel details, environment variables, among a few other things.

This is a perfect example of why people need to understand how the tools they use work. Why folks need to be only getting their tools from trusted sources.

(2/2)

The linpeas.sh is the perfect example why folks need to be vetting their tools.

There was a sample of this script being distributed through a third party webapp, where it had been modified to include some suspicious enumeration techniques, and sent them back to a remote server.

(1/2)

🚨 Upcoming Webinar Alert! 🚨

Join us on Dec 4th, 12 PM ET for Windows Forensic Investigation! Explore Windows artifacts & techniques critical for DFIR investigations. Perfect for investigators & forensic pros!

🎯 Don’t miss it; register now: bit.ly/c5w-webinar4
#DFIR #Cyber5W

Correction: OST2 is more about malware and RE, but C5 offers content on windows, Linux, malware, and more

These ones would be more on the RE/malware side, but OpenSecurityTraining2 is awesome, and totally free.

You can also check cyber5w’s website. We offer multiple labs that are pay-what-you-can at labs.cyber5w.com, as well as cheaper trainings at academy.cyber5w.com.

If you want some free labs for sharpening your DF and IR tools, you should check here!

www.ashemery.com/dfir.html

Ohhh, this looks super cool. It looks like our tools would go very well together!

I love this one 🤠

#dfir #digitalforensics #NTFS

GitHub - cyberyom/MFTAnalyzer: This tool is meant to parse an NTFS $MFT file. This tool is meant to parse an NTFS $MFT file. Contribute to cyberyom/MFTAnalyzer development by creating an account on GitHub.

One year ago today, I started my first contribution to the DFIR community.

It was a tool to parse the NTFS $MTF file. I wrote it to solve problems I had with other GUI based tools, though this is CLI.

If you’d like to check it out, you can find it on my github!
github.com/cyberyom/MFT...

How did you image the watch? Did you get one of those pogo pin connectors? I think they’re called iBus.

yoda eyes closed. digital forensics examiner understood why Yoda died after answering all of lukes questions.

It's been one of those weeks.

#DigitalForensics #MobileForensics #DFIR

Let’s see what this is all about…