forensics – Page 8 – WindowsTechs.com

How might I rate-limit in nginx against a distributed attacker that has set the number of parallel connections in xerxes to 1?

Posted on March 5, 2022 by John Smith

An attacker tweaks xerxes by setting the number of CONNECTIONS in xerxes to 1 instead of 8, like so:
#define CONNECTIONS 1

They then attack with xerxes-executable mydomain 433.
Their strategy is to use eight time less connections from eac… Continue reading How might I rate-limit in nginx against a distributed attacker that has set the number of parallel connections in xerxes to 1?→

Do popular pentest tools leave any digital fingerprints?

Posted on February 23, 2022 by user62771

Do pentesting tools leave behind any information in order to identify the attacker?

Continue reading Do popular pentest tools leave any digital fingerprints?→

How to image an iPhone on an Azure Windows VM? [closed]

Posted on February 16, 2022 by N3ur0

For my project, we need to image our phones, in my case, an iPhone. The problem is that we have Magnet AXIOM licenses that only work on Windows. I have a Mac with limited disk space, so I chose a Microsoft Azure Windows VM with more cores … Continue reading How to image an iPhone on an Azure Windows VM? [closed]→

IPs from Bitcoin wallets [closed]

Posted on February 15, 2022 by sanju

Is there a way to derive IP addresses associated with bitcoin wallets to trace criminal activities?

Continue reading IPs from Bitcoin wallets [closed]→

Apps used by malware analyst, network engineers [closed]

Posted on January 16, 2022 by Jim

I have been studying cyber security and have done labs for this. I have come across Nmap, Zenmap, Wireshark software. To all the malware analysts and network engineers out there, how often are these kinds of software are used in your work?… Continue reading Apps used by malware analyst, network engineers [closed]→

Velociraptor & Loki

Posted on December 21, 2021 by Xavier

Velociraptor is a great DFIR tool that becomes more and more popular amongst Incident Handlers. Velociraptor works with agents that are deployed on endpoints. Once installed, the agent automatically “phones home” and keep s a connection with the server… exactly like a malware with it’s C2 server but this time

The post Velociraptor & Loki appeared first on /dev/random.

Continue reading Velociraptor & Loki→

Does my jailbroken with root access iPad store any forensic evidence for usage of the lightning connector?

Posted on December 18, 2021 by Sir Muffington

I am willing to give my iPad for a repair shop, but I would like to know whether they tamper with the OS in any way.

Is there any way with or without special software to gather forensic evidence about whether the lightning port was used t… Continue reading Does my jailbroken with root access iPad store any forensic evidence for usage of the lightning connector?→

Is not turning off your computer "forensically" safe?

Posted on November 23, 2021 by privacyfanatic

Does it affect data recovery, etc.?

Continue reading Is not turning off your computer "forensically" safe?→

Any approach to copy the disk and take RAM shapshot of RouterOS (Mikrotik)?

Posted on November 23, 2021 by askar

everyone!
I have discovered suspicious activity on one of Mikrotik Routers. This device had an outdated version of RouterOS with open ports web, winbox, etc. I believe that it was infected by malware, and there is a need to analyze the con… Continue reading Any approach to copy the disk and take RAM shapshot of RouterOS (Mikrotik)?→

New technique excels at lifting fingerprints from shell casings

Posted on November 15, 2021 by Ben Coxworth

It would be great if forensics teams could easily lift fingerprints off of bullet casings left at crime scenes, but unfortunately doing so is often quite difficult. A new technique developed at the University of Nottingham could change that.Continue Re… Continue reading New technique excels at lifting fingerprints from shell casings→