Something I've thought about quite often during my time in DFIR is the threat actor's perspective...what is the attacker seeing and thinking during their time in an infrastructure. As a DFIR analyst, I don't often get to 'see' the threat actor's …
Virtual Images for Testing
Many within the DFIR community make use of virtual systems for testing...for detonating malware, trying things within a "safe", isolated environment, etc. However, sometimes it can be tough to get hold of suitable images for creating that testing …
Overview of Content Published in July
Here is an overview of content I published in July:
Blog posts:
- simple_listener.py
- Quickpost: Standby Power Consumption Of My USB Chargers
- Update: base64dump.py Version 0.0.23
- Update: sortcanon Version 0.0.2
- Update: oledump.py Version …