Linux Forensics - Collecting a Triage Image Using The UAC Tool
Learn how to take a triage image of a *nix based system using the UAC tool.
top of page
Search
Jan 214 min read
Evidence of Program Existence - Shimcache
Learn what Shimcache is, how to analyze it, and why it's misunderstood.
Aug 18, 20235 min read
Sysmon: When Visibility is Key
Learn why visibility is everything when responding to an incident.
Aug 12, 20235 min read
A LNK To The Past: Utilizing LNK Files For Your Investigations
We've all heard of "Link" or "LNK" files, right? You want a faster way to open your favorite game, document or application without need...
bottom of page