Scalable forensics timeline analysis using Dissect and Timesketch
This blog post is also published on the website of my employer, Hunt & Hackett, which has given me the opportunity and inspiration to develop this type o...
Recent Posts
Automating DFIR using Cloud services
TL;DR: The DFIR lab can automate the processing of Plaso timelines to Timesketch using Velociraptor and Google Cloud services
Using Docker images from scratch
The last blog post about Docker was about using non-root Docker containers and why this is safer. This time I want to go a step further and explain what I th...
Mount Locker ransomware analysis
This blog post will explain how the ransomware called Mount Locker works. For encryption, Mount Locker uses Chacha20 to encrypt files and RSA-2048 to encrypt...
Preparation Tips for CKAD
5 days ago, I took the CKAD exam and passed. So I decided to write this short blog post about my experience and to share some tips that helped me pass it. Ev...