sec
Memoryze http://www.mandiant.com/products/free_software/memoryze/Audit Viewer http://www.mandiant.com/products/free_software/mandiant_audit_viewer/ >Process.bat -input memory_dump.raw -handles true -sections true -ports true -injected true…
![はてなブックマーク - [memory] Memoryze と Audit Viewer](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20120203/p2)
A)メモリのダンプMoonSols DumpIt MoonSols DumpIt goes mainstream ! | MoonSols B)メモリの解析 Volatility-2.0 https://www.volatilesystems.com/default/volatility Usage: Volatility - A memory forensics analysis platform.Options: -h, --help list…
![はてなブックマーク - [memory] Volatility](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20120203/p1)
やられウェブアプリケーション DVWA - Damn Vulnerable Web Application
![はてなブックマーク - [web] [DVWA] Damn Vulnerable Web Application](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20120201/p1)
Microsoft PowerPoint - Malware Detection Malware Detection.pdf - Google ドライブ malware detection checklist malware detection checklist.docx - Google Docs
![はてなブックマーク - [malware] [forensics]](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20120121/p1)
http://reconstructer.org/papers/Hunting%20malware%20with%20Volatility%20v2.0.pdf https://www.volatilesystems.com/default/volatility
![はてなブックマーク - [memory] [forensic] [Volatility] Hunting malware with Volatility v2.0](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111231/p1)
Forensic Analysis of VMware Hard Disks - Digital Forensics Forums | ForensicFocus.com
SANS Digital Forensics and Incident Response Blog | Digital Forensic SIFTing: SUPER Timeline Creation using log2timeline | SANS Institute
![はてなブックマーク - [forensics] Digital Forensic SIFTing: SUPER Timeline Analysis and Creation using log2timeline-sift](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111208/p1)
SANS Digital Forensics and Incident Response Blog | SIFT Workstation 2.12 Release and ChangeLog | SANS Institute
![はてなブックマーク - [forensics] [tool] SIFT Workstation 2.12 Release and ChangeLog](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111203/p1)
OS X Lion Artifacts | Forensic Artifacts
![はてなブックマーク - [mac] [Lion] [Forensics] OS X Lion Artifacts](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111127/p1)
Redirecting
![はてなブックマーク - [HITCON2011] 問題一覧](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111126/p1)
Index of /hitbsecconf2011kul/materials [http://conference.hitb.org/hitbsecconf2011kul/materials/:image]
![はてなブックマーク - [HITB] [CONF2011] 資料](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111125/p1)
http://www.computerworld.jp/topics/593/%E3%83%8D%E3%83%83%E3%83%88%E3%83%AF%E3%83%BC%E3%82%AF%E6%A9%9F%E5%99%A8/200890/%E6%AC%A1%E4%B8%96%E4%BB%A3%E3%83%95%E3%82%A1%E3%82%A4%E3%82%A2%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB%EF%BC%8FPalo%20Alto%…
Zero Wine Tryouts | Official Website
![はてなブックマーク - [malware] [analysis] Zero Wine Tryouts](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111023/p1)
XORSearch & XORStrings | Didier Stevens
http://zeltser.com/remnux/
![はてなブックマーク - [remnux] マルウェア解析用ubuntu](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20111022/p1)
エフセキュアブログ : 政府によるものとおぼしきバックドアを発見(「R2D2ケース」)
http://www.contextis.com/research/blog/reverseproxybypass/
NTFS $I30 Index Attributes: Evidence of Deleted and Overwritten Files | Forensic Methods
![はてなブックマーク - [forensics] NTFS $I30 Index Attributes: Evidence of Deleted and Overwritten Files](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20110928/p1)
windows7 64bitAMD Radeon HD 6450ハッシュ:NTLM検証NTLMハッシュ数:3000辞書単語数:3400万 C:\>oclHashcat-plus32.exe -m 1000 ntlm2.txt dic.txt Status.......: Exhausted Hash.Type....: NTLM Input.Mode...: File (dic.txt) Time.Running.: 12 secs …
![はてなブックマーク - [gpu] [crack] [password] oclHashcat-plus](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20110920/p1)
リバースエンジニアリング入門(3):シェルコード解析に必携の「5つ道具」 (1/3) - @IT
http://capture.thefl.ag/2011/Defcon-Final/
Feelings and write-ups about Defcon CTF Routards Team Blog: Defcon 19 CTF - Castle Routards Team Blog: Defcon 19 CTF - Bunny
モバイル向けマルウェアが倍増ペース、Android狙う「ZeuS」も出回る -INTERNET Watch
SANS Digital Forensics and Incident Response Blog | Digital Forensics Case Leads: SIFT 2.1, Volatility 2.0 | SANS Institute
![はてなブックマーク - [forensic] Digital Forensics Case Leads: SIFT 2.1, Volatility 2.0](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20110805/p1)
windowsのパスワードリセット Offline Windows Password & Registry Editor
![はてなブックマーク - [password] [reset] Offline NT Password and Registry editor](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20110703/p1)
Dropbox Config Files (Windows) | Forensic Artifacts
![はてなブックマーク - [forensic] Dropbox Config Files (Windows)](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20110702/p1)
http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml
![はてなブックマーク - [NSA] [堅牢化] Security Configuration Guides](https://b.hatena.ne.jp/entry/image/https://luffy.hatenablog.com/entry/20110701/p1)
今週のSecurity Check - 不正に細工されたOfficeファイルからクライアントPCを守る「Microsoft Officeファイル検証」:ITpro
PCI Security Standards Documents: PCI DSS, PA-DSS, PED Standards, Compliance Guidelines and More
murachue http://www.slideshare.net/murachue/grep-8057239
