Forensic Blogs

An aggregator for digital forensics blogs

March 31, 2022 by Didier Stevens

Overview of Content Published in March

Here is an overview of content I published in March:

Blog posts:

  • Update: oledump.py Version 0.0.64
  • New Tool: xlsbdump.py
  • spring4shell Capture File

YouTube videos:

  • TShark & Multiple IP Addresses
  • Maldoc Cleaned by Anti-Virus

Videoblog posts:

  • YARA’s Console Module
  • MSBuild & Cobalt Strike
  • Quick & Dirty Shellcode Analysis – CVE-2017-11882
  • TShark & Multiple IP Addresses
  • Maldoc Cleaned by Anti-Virus

SANS ISC Diary entries:

  • TShark & Multiple IP Addresses
  • oledump’s Extra Option
  • Video: TShark & Multiple IP Addresses
  • ICMP Messages: Original Datagram Field
  • YARA 4.2.0 Released
  • Curl on Windows
  • SolarWinds Advisory: Unauthenticated Access in Web Help Desk (12.7.5)
  • MGLNDD_* Scans
  • Maldoc Cleaned by Anti-Virus
  • Wireshark 3.6.3 Released
  • Video: Maldoc Cleaned by Anti-Virus
  • Quickie: Parsing XLSB Documents

NVISO blog posts:

  • Cobalt Strike: Memory Dumps – Part 6
  • Cobalt Strike: Overview – Part 7

NVISO Videos:

  • Using Known Private Keys To Decrypt Traffic
  • Using Process Memory To Decrypt Traffic
  • Dealing With Obfuscated Traffic And Process Memory
  • Decrypting DNS Traffic

Read the original at: Didier Stevens

Filed Under: Digital Forensics

Tagged With: Announcement

March 5, 2022 by Didier Stevens

Overview of Content Published in February

Here is an overview of content I published in February:

Blog posts:

  • Update: jpegdump.py Version 0.0.9
  • Windows Explorer: Improper Exif Data Removal
  • Beta: smtp-honeypot.py
  • Update: oledump.py Version 0.0.63
  • Update: 1768.py Version 0.0.12

YouTube videos:

  • YARA’s Console Module
  • Quick & Dirty Shellcode Analysis – CVE-2017-11882

SANS ISC Diary entries:

  • Power over Ethernet and Thermal Imaging
  • Wireshark 3.6.2 Released
  • Video: YARA’s Console Module
  • Sending an Email to an IPv4 Address?
  • Windows, Fixed IPv4 Addresses and APIPA
  • Video: Quick & Dirty Shellcode Analysis – CVE-2017-11882

Read the original at: Didier Stevens

Filed Under: Digital Forensics

Tagged With: Announcement

February 1, 2022 by Didier Stevens

Overview of Content Published in January

Here is an overview of content I published in January:

SANS ISC Diary entries:

  • Expect Regressions
  • TShark & jq
  • Extracting Cobalt Strike Beacons from MSBuild Scripts
  • YARA’s Console Module

Read the original at: Didier Stevens

Filed Under: Digital Forensics

Tagged With: Announcement


About

This site aggregates posts from various digital forensics blogs. Feel free to take a look around, and make sure to visit the original sites.


All content is copyright the respective author(s)