
DFSP # 451 SQL Triage
SQL injection poses significant risks by enabling attackers to access sensitive metadata, execute dynamic SQL commands, and alter system parameters. These actions can lead to unauthorized data access ...
8 Oct 2024, 26 min

DFSP # 450 Secure coding and DFIR
I decided to talk this week about the Importance of Secure Coding Knowledge for Security Incident Response Investigations. Knowing secure coding principles helps identify the root causes of vulnerabil...
1 Oct 2024, 19 min

DFSP # 449 Zero-Day or Hero-Day
This week, we're covering zero-day vulnerability response from a Digital Forensics and Incident Response professional's perspective. In our roles, we often get involved in various tasks that require a...
24 Sep 2024, 33 min

DFSP # 448 WebShell Forensics
Welcome to this week's session, where we'll delve into web shell forensics—an ever-critical topic in incident response investigations and threat-hunting strategies. Today, I'll provide a breakdown tha...
17 Sep 2024, 20 min

DFSP # 447 Linux Root Kits
Rootkits are hard to detect because they employ advanced stealth techniques to hide their presence. They can conceal processes, files, and network activities by altering system calls and kernel data s...
10 Sep 2024, 32 min

DFSP # 446 Registry by EVTX
In previous episodes, we covered techniques for examining the Windows Registry, a critical component in identifying persistence mechanisms. We'll explore the registry but shift our focus to registry m...
3 Sep 2024, 20 min

DFSP # 445 Bash Triage
Bash history's forensic value lies in its ability to answer diverse investigative questions, making it a cornerstone artifact for Linux systems. It aids in triaging lateral movement, identifying recon...
27 Aug 2024, 27 min

DFSP # 444 A little assistance
The UserAssist key is a Windows Registry artifact that logs details about user activity, such as recently accessed programs and files. It encodes information on the frequency and last access time of i...
20 Aug 2024, 28 min


















