A Systematic Approach to Understanding MACB Timestamps on Unixlike Systems

Bruce Nikkel: Okay, thanks everyone. I hope you enjoyed the break. Welcome to the first session: session one, with the theme of file system forensics. We have two interesting papers in this session. The first one is a systematic …

Google Rapid Response (GRR) – Remote Live Forensics For Incident Response

GRR Rapid Response is an incident response framework focused on remote live forensics. It is based on a client-server architecture: an agent is installed on target systems, and a Python server infrastructure manages and communicates with the agents. There are agents for Windows, Linux and Mac OS X environments. Overview To…

Read the full post at darknet.org.uk
