Dfir | So Long, and Thanks for All the Fish

The little handbook of Windows Memory Analysis

Posted on March 15, 2019March 13, 2019 by Andrea Fortuna

Just some thoughts about memory, Forensics and Volatility! Hits: 320

SNDBOX: using Artificial Intelligence for malware analysis

Posted on December 10, 2018December 5, 2018 by Andrea Fortuna

Cybersecurity researchers Ran Dubin and Ariel Koren have developed a new platform form malware analysis, based on an AI engine. Hits: 87

Android Forensics: imaging android filesystem using ADB and DD

Posted on December 3, 2018December 2, 2018 by Andrea Fortuna

Let’s starting a series of article related to digital forensic focused on mobile devices. In this first post i’d like to share some thoughts about image acquisition on android devices. Hits: 1779

AutoTimeliner: automatically extract forensic timeline from memory dumps

Posted on November 19, 2018November 21, 2018 by Andrea Fortuna

Often, during an incident response, may be necessary to analyze a lot of evidences, like disk and memory dumps. Hits: 433

Process Injection and Persistence using Application Shimming

Posted on November 12, 2018October 15, 2018 by Andrea Fortuna

Microsoft provides Shims to developers mainly for backward compatibility, but malware can take advantage of shims to target an executable for both persistence and injection. Hits: 107

← Newer posts Older posts →