Andrea Fortuna
Just some random thoughts about the Meaning of Life, The Universe, and Everything

Cobalt Strike was born as a penetration testing tool, useful for Red Teaming activities.

Data extraction, data acquisition, data analysis? Let’s try to make it a little clearer!

Sysdiagnose logs allow developers to extract information from iOS devices, and it is used for understanding bug occurrences.
However, this log is also useful for forensic purposes when a full device acquisition is not possible/available.

In order to perform a correct forensic analysis on a Apple device, a basic knowledge of storage, file allocation methods relevant files paths is always required.

I’ve already written about DLL Hijacking, but today I’d like to share a really interesting research by Wietze Beukema.

I read an interesting article that I’d like to share with you today.
A post on Elcomsoft blog by James Duffy, titled “Demystifying iOS Data Security”.

LinuxCheck is a small bash script for information collection, useful for emergency response on Debian and Centos systems.

Recently I had to perform a forensic investigation on a server that had made some strange Remote Desktop activities.
In that case, the analysis of windows events has turned out really useful.

Vladimir Katalov published, on ElcomSoft‘s blog, a good post about forensic acquisition techniques for iOS devices.

In 2008, a team of students and researchers from Princeton University, Wind River Systems and the Electronic Frontier Foundation published a research paper [3] examining the phenomena of computer memory remanence.
That paper has confirmed what had long been theorized by computer security practitioners: the volatile memory of computer systems is less volatile than expected.