Skip to content

DMFR SECURITY

another security blog…

  • malware
  • incident response
  • CTF
  • forensics
  • pentesting
  • NSM
  • crackmes
  • reviews

Category: incident response

Finding Processes With Suspicious CWD Using procfs

On February 27, 2021February 27, 2021 By DanielIn CTF, forensics, incident response, Linux, malware

Find malware running from temporary directories using procfs.

Finding Masquerading Processes With procfs

On February 27, 2021April 4, 2021 By DanielIn CTF, forensics, incident response, Linux, malware

Find masquerading processes using procfs.

Using procfs For Forensics and Incident Response

On February 23, 2021April 4, 2021 By DanielIn CTF, forensics, incident response, Linux, malware

Using procfs For Forensics and Incident Response.

CTF Triage Data Acquisition

On January 31, 2021April 4, 2021 By DanielIn CTF, forensics, incident response, Linux, windowsLeave a comment

A quick overview of triage data acquisition in the context of attack/defend CTFs.

Accessing Alternate Data Streams on VMDK Images on Linux

On January 10, 2021April 4, 2021 By DanielIn CTF, forensics, incident response, Linux, malware, pentesting, windowsLeave a comment

Accessing Alternate Data Streams on VMDK Images on Linux.

Windows Startup Folders

On December 31, 2020April 4, 2021 By DanielIn forensics, incident response, malware, pentesting, windowsLeave a comment

Windows Startup Folder locations.

Volatility Notes

On December 20, 2020April 4, 2021 By DanielIn CTF, forensics, incident response, malwareLeave a comment

Some notes and links related to the Volatility Framework

Volatility on Ubuntu 20.04

On December 18, 2020April 4, 2021 By DanielIn CTF, forensics, incident response, Linux, malwareLeave a comment

Quick and dirty way to get Volatility working on Ubuntu 20.04

Windows Sysinternals Notes

On December 14, 2020April 4, 2021 By DanielIn forensics, incident response, windowsLeave a comment

Notes about Windows Sysinternals tools from a security point of view.

Finding Bad With Package Managers

On February 25, 2020February 27, 2021 By DanielIn CTF, dpkg, forensics, incident response, Linux, rpm

Learn how to use dpkg, rpm, and other related tools to find malware on your systems.

Archives

  • April 2021 (1)
  • February 2021 (5)
  • January 2021 (6)
  • December 2020 (8)
  • February 2020 (2)
  • November 2019 (1)
  • October 2019 (2)
  • December 2018 (3)
  • July 2018 (1)
  • May 2017 (2)
  • April 2017 (5)
  • January 2017 (1)
  • December 2016 (4)

Archives

  • April 2021 (1)
  • February 2021 (5)
  • January 2021 (6)
  • December 2020 (8)
  • February 2020 (2)
  • November 2019 (1)
  • October 2019 (2)
  • December 2018 (3)
  • July 2018 (1)
  • May 2017 (2)
  • April 2017 (5)
  • January 2017 (1)
  • December 2016 (4)
Blog at WordPress.com.