Scalable forensics timeline analysis using Dissect and Timesketch
This blog post is also published on the website of my employer, Hunt & Hackett, which has given me the opportunity and inspiration to develop this type o...
TL;DR: The DFIR lab can automate the processing of Plaso timelines to Timesketch using Velociraptor and Google Cloud services
The last blog post about Docker was about using non-root Docker containers and why this is safer. This time I want to go a step further and explain what I th...
This blog post will explain how the ransomware called Mount Locker works. For encryption, Mount Locker uses ChaCha20 to encrypt files and RSA-2048 to encrypt...
5 days ago, I took the CKAD exam and passed. So I decided to write this short blog post about my experience and to share some tips that helped me pass it. Ev...