Find malware running from temporary directories using procfs.
Find masquerading processes using procfs.
Using procfs For Forensics and Incident Response.
A quick overview of triage data acquisition in the context of attack/defend CTFs.
Accessing Alternate Data Streams on VMDK Images on Linux.
My review of SEKTOR7 Institute's Red Team Operator, Windows Persistence course.
Windows Startup Folder locations.
Some notes and links related to the Volatility Framework.
Quick and dirty way to get Volatility working on Ubuntu 20.04.
Notes about Windows Sysinternals tools from a security point of view.
Learn how to use dpkg, rpm, and other related tools to find malware on your systems.