Forensic Blogs

An aggregator for digital forensics blogs

December 31, 2020 by Didier Stevens

Update: rtfdump.py Version 0.0.10

This is a Python 3 update for my tool to analyze RTF files. There are some new features, like option -O, to produce an overview: More details in upcoming maldoc analysis posts. rtfdump_V0_0_10.zip (https) MD5: … [Continue Reading]

Read the original at: Didier Stevens. Filed Under: Digital Forensics. Tagged With: My Software, Update

December 27, 2020 by Didier Stevens

Decrypting TLS Streams With Wireshark: Part 2

In blog post “Decrypting TLS Streams With Wireshark: Part 1”, I explain how to decrypt TLS streams with a specific type of encryption (pre-master secret exchanged via RSA) using the web server’s private key. In this blog post, we will use the client … [Continue Reading]

Read the original at: Didier Stevens. Filed Under: Digital Forensics. Tagged With: Encryption, Networking

December 26, 2020 by Didier Stevens

Update: 1768.py Version 0.0.4

This is an update of my tool to analyze Cobalt Strike beacons. Option -l can be used to generate YARA rules to search for Cobalt Strike beacons with a given license ID. 1768_v0_0_4.zip (https) MD5: 35779393F2DC6171731446F8E0AC361B SHA256: … [Continue Reading]

Read the original at: Didier Stevens. Filed Under: Digital Forensics. Tagged With: My Software, Update

About

This site aggregates posts from various digital forensics blogs. Feel free to take a look around, and make sure to visit the original sites.

All content is copyright the respective author(s)