latest

Windows forensics

Introduction
- What?
- Why?
- How?
A Windows server
Organisation X desktop

Linux forensics

Introduction
- What?
- Why?
- How?
Persistence mechanisms
Evidence of execution
Log files

RedLine

Introduction
- What?
- Why?
- How?
Standard Collector Analysis
- Questions
- Resources
IOC Search Collector
- Resources
IOC Search Collector Analysis
- Questions
- Resources
Endpoint investigation
- Questions
- Resources

Tools in a nutshell

Introduction
- What?
- Why?
- How?
Autopsy
KAPE in a nutshell
- Target options
- Module options
Volatility
Velociraptor in a nutshell
- Resources
TheHive Project
- Resources

Challenges

Introduction
- What?
- Why?
- How?
Leaking private company data (again)
- Resources
Windows 10 disk image
- Questions
Acceptable Use Policy violation
- Questions
BOB! THIS ISN’T A HORSE!
That Kind of Hurt my Feelings
- Resources
Hunt for a nightmare
- Questions

Digital forensics and incident response (DFIR)

DFIR
Blue Team
Improbability Blog
About the UU
Register

Introduction

What?

Challenges.

Why?

Practicing.

How?

Leaking private company data (again)
Windows 10 disk image
Acceptable Use Policy violation
BOB! THIS ISN’T A HORSE!
That Kind of Hurt my Feelings
Hunt for a nightmare

Previous Next

Unseen University, 2023, with a forest garden fostered by /ut7.

Read the Docs v: latest

Versions: latest

Downloads

On Read the Docs: Project Home; Builds