Join the Mailing List
Want to keep up to date with the latest blog posts and additions to the training sites?
Check for a confirmation email after subscribing.
Want to keep up to date with the latest blog posts and additions to the training sites?
Check for a confirmation email after subscribing.
Did you miss @dfirjos's excellent blog piece on practical examples of using Velociraptor to monitor adversaries during an incident response? Catch it here:
https://docs.velociraptor.app/blog/2023/2023-01-13-tracking-an-adversary-in-realtime/
How to upskill?
Building your own lab is an excellent way to gain hands-on experience and grow your knowledge. It can be done for free and it's easy to construct labs to emulate and analyze various attacks.
Check out our free tutorials here: https://lnkd.in/djce4_qX
#dfir
The first new publicly released episode of 2023 is now available. Check out this important video covering a new evidence of execution artifact introduced in Windows 11 22H2. https://www.youtube.com/watch?v=rV8aErDj06A #DFIR #forensics
New blog on @aboutdfir by Fabian Mendoza on identifying the source system of PsExec using USN Journal.
This is truly cool and extremely helpful! Can't wait for more such research.
#DFIR
https://aboutdfir.com/the-key-to-identify-psexec/
Recent Comments