by aliduveen | Aug 20, 2018
Memory analysis has become a key way to hunt and track malware and advanced persistent threats (APTs). It is therefore more important than ever to arm analysts and investigators with better tools and capabilities for memory analysis. We created an app called TA-Volatility...
by aliduveen | Aug 20, 2018
Malicious PowerShell scripts are becoming the tool of choice for attackers. Although sometimes referred to as “fileless malware”, they can leave behind forensic artifacts for examiners to find. Learn how to locate and identify activity of these malicious PowerShell...
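As an added illustration of the kind of artifact the abstract refers to (this is not code from the talk or its author), the snippet below queries two well-known sources on a Windows host: script block logging events (Event ID 4104 in the Microsoft-Windows-PowerShell/Operational log, present only where script block logging is enabled) and the PSReadLine command history file. The indicator strings are an assumed, illustrative set, not a complete detection list.

```powershell
# Added example: surface PowerShell activity from host artifacts.
# Assumes script block logging is enabled for the 4104 events; the
# PSReadLine history file exists regardless of logging policy.

# Illustrative markers often seen in obfuscated or download-and-execute one-liners
$indicators = 'FromBase64String', '-EncodedCommand', '-enc ', 'IEX',
              'Invoke-Expression', 'DownloadString', 'Net.WebClient'

# 1) Script block logging: each 4104 event carries the (possibly de-obfuscated)
#    script text in the ScriptBlockText field of its EventData.
$filter = @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104 }
$events = Get-WinEvent -FilterHashtable $filter -MaxEvents 500 -ErrorAction SilentlyContinue

foreach ($e in $events) {
    $xml  = [xml]$e.ToXml()
    $text = ($xml.Event.EventData.Data | Where-Object { $_.Name -eq 'ScriptBlockText' }).'#text'
    if (-not $text) { continue }

    # Case-insensitive literal match for each indicator
    $hits = $indicators | Where-Object { $text -match [regex]::Escape($_) }
    if ($hits) {
        [pscustomobject]@{
            Time       = $e.TimeCreated
            RecordId   = $e.RecordId
            Indicators = ($hits -join ', ')
            Snippet    = $text.Substring(0, [Math]::Min(120, $text.Length))
        }
    }
}

# 2) PSReadLine console history: interactive commands typed by the current user
#    are appended to this file even when event logging is turned off.
$history = Join-Path $env:APPDATA 'Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt'
if (Test-Path $history) {
    Select-String -Path $history -Pattern 'FromBase64String|-enc|IEX|DownloadString'
}
```

Run it in an elevated session on the host under examination, or point `-FilterHashtable` at an exported `.evtx` with the `Path` key instead of `LogName` when working from a collected image. Long script blocks are split across several 4104 events (`MessageNumber`/`MessageTotal`), so correlate on `ScriptBlockId` before reading a block as a whole.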
by aliduveen | Aug 20, 2018
Turbinia, an open-source project for massively parallel forensic artifact extraction, was demonstrated at OSDFCon 2015. Three years later, what was originally a limited (albeit functional) tech demo has evolved into a platform capable of automatically...
by aliduveen | Aug 20, 2018
This is a three-hour, fast-paced forensics challenge in which participants work in teams and perform memory and hard drive analysis to solve an investigation. Students will be provided with forensic workstations loaded with free, open-source tools like Autopsy and...
by aliduveen | Aug 20, 2018
Adopting Docker containers works well for most fast-moving organizations, thanks to their flexibility, isolation, transient nature, and ease of management and patching. On the other hand, they become a challenging environment when the sensitivity level of the data traversing the...