Cheat sheets
http://acme-labs.org.uk/galleries/47/0000/2345/forensic_cheatsheet.pdf
Digital Forensic War Game
http://real-forensic.com
Forensics workstation
http://computer-forensics.sans.org/community/downloads
HD Forensics
http://osforensics.com/tools/create-disk-images.html
Memory analysis
https://www.volatilesystems.com/default/volatility
http://mnin.blogspot.com/2011/06/examining-stuxnets-footprint-in-memory.html
Packet analysis
http://security.crudtastic.com/
sources:
http://windowsir.blogspot.com/
https://www.volatilesystems.com/default/volatility
http://centralops.net/co/
http://all.net/
timeline creation from images
http://computer-forensics.sans.org/blog/2009/02/24/digital-forensic-sifting-registry-and-filesystem-timeline-creation/
https://5thsentinel.wordpress.com/2009/06/07/sans-sift-using-regtime-pl/
http://www.sleuthkit.org/sleuthkit/man/mactime.html
Windows analysis
https://bitbucket.org/Elie/owade/wiki/Home