» Analyzing Hyper-V Saved State files in Volatility technet.microsoft.com

Collection of forensics artifacs location for Mac OS X and iOS github.com

github.

Volatility Foundation Rekall Memory Forensic Framework Invtero.net by ShaneK2

Microsoftのコードエディタ「Visual Studio Code」β版でオープンソース化、拡張機能で「Go」など約60言語に対応 gigazine.net

http://digital-forensics.sans.org/media/rekall-memory-forensics-cheatsheet.pdf

Threat Analysis: Poison Ivy and Links to an Extended PlugX Campaign – CYINT Analysis

Deobfuscating Shifu Shifu Malware Analyzed: Behavior, Capabilities and Communications - iSIGHT Partners

Tool to extract indicators of compromise from security reports in PDF format https://github.com/armbues/ioc-parser $ ./ioc-parser.py -i pdf -o yara waterbug-attack-group.pdf rule waterbug_attack_group { strings: $Filename1 = "NDProxy.sys" …

以下のサイトを参考にしてインストールした。 http://qiita.com/tkeydll/items/eef45760905f7a5f9908

$ sudo apt-get update $ sudo apt-get install git $ sudo apt-get install subversion $ sudo apt-get install ruby $ sudo apt-get install jruby $ sudo apt-get install ruby-dev $ sudo apt-get install ImageMagick $ sudo apt-get install libmagick…

$ git clone https://github.com/taigaio/taiga-scripts.git $ cd taiga-scripts $ cd scripts $ vi setup-postgresql.sh変更前 postgresql-9.3 postgresql-contrib-9.3 \ postgresql-doc-9.3 postgresql-server-dev-9.3 変更後 postgresql postgresql-contr…

git clone https://github.com/volpe28v/kanban-list sudo apt-get install bundler sudo apt-get install libpq-dev sudo gem install pg sudo apt-get install libsqlite3-dev sudo gem install sqlite3 bundle rake db:migrate rails s

https://github.com/CIRCL/AIL-framework 別途「google snappy」をインストール https://code.google.com/p/snappy/

sudo apt-get install python-pip sudo pip install PyYAML sudo pip install BeautifulSoup git clone https://github.com/cvandeplas/pystemon