forensics – Page 8 – WindowsTechs.com

What methods or services identify network attacks? [closed]

Posted on June 26, 2022 by Elijah Dayan

How can I trace network attacks where a stalker observes my traffic and other malware (including implanting malware/reconnaissance)
Which services or methods should be able to identify the activity?

Continue reading What methods or services identify network attacks? [closed]→

Is this 36 character long string a hash [closed]

Posted on May 16, 2022 by Ben Kinigadner

I found this string
b2335332-d28f-449b-8d00-80a550b43046
Do you think it´s a hash?
If yes any idea which one and if not any other ideas what it could be?

Continue reading Is this 36 character long string a hash [closed]→

How to convert a pcap to a png file?

Posted on April 20, 2022 by Nasimul Hasan

I was reading a paper, the authors said they converted their netflow files to 2D image. I want to convert my files to 2D images. What is the process?

Continue reading How to convert a pcap to a png file?→

Calculations of NTFS Partition Table Starting Points [closed]

Posted on March 24, 2022 by Ahmet Furkan Aydogan

I have a disk image. I’m able to see partition start and end values with gparted or another tools. However, I want to calculate them manually. I inserted an image , which showing my disk image partition start and end values. Also, I insert… Continue reading Calculations of NTFS Partition Table Starting Points [closed]→

From a forensics standpoint how much leftovers do package managers in Linux leave behind?

Posted on March 16, 2022 by Sir Muffington

Let’s assume that for my question we’re using the equivalent of apt purge, which also removes configuration files. What’s left behind after apt purge and similar commands from other package managers?
I’m guessing it would be loose dependen… Continue reading From a forensics standpoint how much leftovers do package managers in Linux leave behind?→

How might I rate-limit in nginx against a distributed attacker that has set the number of parallel connections in xerxes to 1?

Posted on March 5, 2022 by John Smith

An attacker tweaks xerxes by setting the number of CONNECTIONS in xerxes to 1 instead of 8, like so:
#define CONNECTIONS 1

They then attack with xerxes-executable mydomain 433.
Their strategy is to use eight time less connections from eac… Continue reading How might I rate-limit in nginx against a distributed attacker that has set the number of parallel connections in xerxes to 1?→

Do popular pentest tools leave any digital fingerprints?

Posted on February 23, 2022 by user62771

Do pentesting tools leave behind any information in order to identify the attacker?

Continue reading Do popular pentest tools leave any digital fingerprints?→

How to image an iPhone on an Azure Windows VM? [closed]

Posted on February 16, 2022 by N3ur0

For my project, we need to image our phones, in my case, an iPhone. The problem is that we have Magnet AXIOM licenses that only work on Windows. I have a Mac with limited disk space, so I chose a Microsoft Azure Windows VM with more cores … Continue reading How to image an iPhone on an Azure Windows VM? [closed]→

IPs from Bitcoin wallets [closed]

Posted on February 15, 2022 by sanju

Is there a way to derive IP addresses associated with bitcoin wallets to trace criminal activities?

Continue reading IPs from Bitcoin wallets [closed]→

Apps used by malware analyst, network engineers [closed]

Posted on January 16, 2022 by Jim

I have been studying cyber security and have done labs for this. I have come across Nmap, Zenmap, Wireshark software. To all the malware analysts and network engineers out there, how often are these kinds of software are used in your work?… Continue reading Apps used by malware analyst, network engineers [closed]→