Articles

It has been a while since I last talked about Digital Forensics and Incident Response. As a core part of cybersecurity, we must know some concepts related to memory dump analysis! Here is the picture: I'm going to show you how we extract information from your dump files / RAM / USB key... Let's dive in with this machine: FORENSICS, coming from tryhackme.com. 1 - Introduction to Memory Dump Analysis. Memory dump analysis is a very important step of the Incident Response process. The RAM (memory) dump of a running compromised machine is usually very helpful in reconstructing the events/activities that the attacker performed on the machine. So, to keep it simple, using a tool called Volatility is pretty helpful when working with a memory dump. If you haven't installed it yet, check out this link: https://github.com/volatilityfoundation/volatility3/releases/tag/v2.8.0 Let's go!...
Sherlock Santa Krampus: OpTinselTrace24-1: Sneaky Cookies. I - Scenario. QUESTION 1: Krampus, a notorious threat actor, possibly social-engineered Bingle as email security filters were offline for maintenance. Find any suspicious files under the Bingle Jollybeard user directory and get back to us with the full file name. Explanation: After successfully unzipping the downloaded file, run a tree on it and look for anything suspicious coming from the Bingle Jollybeard user. Answer : QUESTION 2: Using the malicious file sent as part of phishing, the attacker abused a legitimate binary to download and execute a C&C stager. What is the full command used to download and execute the C&C binary? Explanation: OK, inside the directory where the shortcut file is located, use "lnkinfo"...
Day 18 - ADVENT OF CYBER 2024 TRYHACKME: I could use a little AI interaction! Storyline: Hyped with their latest release, a "health checker" service that tracks the health and uptime of the Wareville systems, the Wareville developers envisage the day in which the inhabitants of Wareville have a one-stop shop for seeking the answers to life's mysteries and aiding them in their day-to-day jobs. As an initial stage, the Wareville developers create an alpha version of WareWise, Wareville's intelligent assistant. Aware of the potential dangers of interacting with intelligent AI, the developers decided to slowly roll out the chatbot and its features. The IT department is the first to get hands-on with WareWise. For the IT department, WareWise has been integrated with the "health checker" service, making it much easier for the IT department to query the status of their servers and workstations. Learning Objectives: In today's task, ...