4 WhatsApp alternatives, focused on privacy
The recent controversies related to new WhatsApp‘s Privacy Policy have lead many users to start looking for new alternatives.
Continue…How to detect Cobalt Strike Beacons using Volatility
Recently I’ve already written about Cobalt Strike detection during forensics analysis. However, some followers asked my if it was possibile to perform this activities using Volatility, in order to integrate them in existing analysis workflows.
Continue…How to process recent Windows 10 memory dumps in Volatility 2
Today I want to briefly take up a topic already addressed in a previous post: analysis of Windows 10 memory dumps using Volatility 2.
Continue…How to boot an Encase (E01) image using VirtualBox
Sometimes, during an incident analysis, you may need to replicate behaviours of a specific host, perhaps already acquired with a forensic method.
Continue…Mobile forensics: how to identify suspicious network traffic
During a forensic analysis on mobile devices, especially when you are not able to perform a full memory acquisition, a network traffic analysis could be useful in order to identify suspicious activities.
Continue…OSX Forensics: a brief selection of useful tools
Today I’d like to share a brief list of useful tools I use for OSX analysis.
Continue…How to extract forensic artifacts from Linux swap
In order to expand the address space that is effectively usable by a process and to expand the amount of dynamic RAM, modern operating systems use the method known as swapping.
Continue…iOS Forensic: full disk acquisition using checkra1n jailbreak
A simple step-to-step tutorial for iOS full acquisition.
Continue…How to detect Cobalt Strike activities in memory forensics
A brief update on Cobalt Strike detection in forensics analysis, with a couple of new resources.
Continue…Jeffrey Paul: your computer isn’t yours
Some privacy concerns about Apple Silicon and MacOs Big Sur.
Continue…