sec
Memoryze http://www.mandiant.com/products/free_software/memoryze/ | Audit Viewer http://www.mandiant.com/products/free_software/mandiant_audit_viewer/ | >Process.bat -input memory_dump.raw -handles true -sections true -ports true -injected true…
A) Memory dump: MoonSols DumpIt | MoonSols DumpIt goes mainstream ! | MoonSols B) Memory analysis: Volatility-2.0 https://www.volatilesystems.com/default/volatility Usage: Volatility - A memory forensics analysis platform.Options: -h, --help list…
Deliberately vulnerable web application for practice: DVWA - Damn Vulnerable Web Application
Microsoft PowerPoint - Malware Detection | Malware Detection.pdf - Google Drive | malware detection checklist | malware detection checklist.docx - Google Docs
http://reconstructer.org/papers/Hunting%20malware%20with%20Volatility%20v2.0.pdf https://www.volatilesystems.com/default/volatility
Forensic Analysis of VMware Hard Disks - Digital Forensics Forums | ForensicFocus.com
SANS Digital Forensics and Incident Response Blog | Digital Forensic SIFTing: SUPER Timeline Creation using log2timeline | SANS Institute
SANS Digital Forensics and Incident Response Blog | SIFT Workstation 2.12 Release and ChangeLog | SANS Institute
OS X Lion Artifacts | Forensic Artifacts
Index of /hitbsecconf2011kul/materials
http://www.computerworld.jp/topics/593/%E3%83%8D%E3%83%83%E3%83%88%E3%83%AF%E3%83%BC%E3%82%AF%E6%A9%9F%E5%99%A8/200890/%E6%AC%A1%E4%B8%96%E4%BB%A3%E3%83%95%E3%82%A1%E3%82%A4%E3%82%A2%E3%82%A6%E3%82%A9%E3%83%BC%E3%83%AB%EF%BC%8FPalo%20Alto%…
Zero Wine Tryouts | Official Website
XORSearch & XORStrings | Didier Stevens
http://zeltser.com/remnux/
F-Secure Blog: Backdoor discovered that appears to be government-made (the "R2D2 case")
http://www.contextis.com/research/blog/reverseproxybypass/
NTFS $I30 Index Attributes: Evidence of Deleted and Overwritten Files | Forensic Methods
Windows 7 64-bit, AMD Radeon HD 6450, hash type: NTLM test, number of NTLM hashes: 3000, dictionary word count: 34 million C:\>oclHashcat-plus32.exe -m 1000 ntlm2.txt dic.txt Status.......: Exhausted Hash.Type....: NTLM Input.Mode...: File (dic.txt) Time.Running.: 12 secs …
Introduction to Reverse Engineering (3): The "five tools" essential for shellcode analysis (1/3) - @IT
http://capture.thefl.ag/2011/Defcon-Final/
Feelings and write-ups about Defcon CTF Routards Team Blog: Defcon 19 CTF - Castle Routards Team Blog: Defcon 19 CTF - Bunny
Mobile malware doubling; Android-targeting "ZeuS" also in circulation - INTERNET Watch
SANS Digital Forensics and Incident Response Blog | Digital Forensics Case Leads: SIFT 2.1, Volatility 2.0 | SANS Institute
Windows password reset: Offline Windows Password & Registry Editor
Dropbox Config Files (Windows) | Forensic Artifacts
http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml
This week's Security Check - "Microsoft Office File Validation" protects client PCs from maliciously crafted Office files: ITpro
PCI Security Standards Documents: PCI DSS, PA-DSS, PED Standards, Compliance Guidelines and More
murachue http://www.slideshare.net/murachue/grep-8057239