For those who want something a little more advanced
Windows Process injection
https://modexp.wordpress.com/2019/05/25/windows-injection-finspy/
Windows Process Injection: KernelCallbackTable used by FinFisher / FinSpy
For RED Team enthusiasts and specialists
Training in excellent red-teaming techniques
Repository below:
https://github.com/CronUp/Awesome-Red-Teaming
DFIR Tools in Windows
In this video, we teach you how to use various forensic tools at the Windows level to track intrusions into the system.
These tools are used in the triage stage of analysis and for live analysis.
Video duration 2:30
Video language: Persian
Presented by: Saeed Hosseini
https://lnkd.in/eEeABR5g
Types of digital data in DFIR
This video covers what kinds of information, documents and evidence to look for when analysing organizational systems and networks, or personal systems. In forensic analysis, which information and documents are lost quickly, which traces an attacker can erase, and which information about attacker events and activities remains on the system or network.
A forensic analyst should therefore be aware of the types of information held on personal and organizational digital assets.
Video language: Persian
Presented by: Saeed Hosseini
https://youtu.be/GaQFUxEAJRU
Incident Response Methodology - part 1
Video language: Persian
Presented by: Saeed Hosseini
https://youtu.be/T0tPqU3g9Lo
In this video, I talked about the OODA disaster response methodology. This excellent methodology discusses how to communicate with the SOC center and interact with it, as well as with various other areas such as threat hunting, threat intelligence, etc.
Incident Response Methodology - part 2
Video language: Persian
Presented by: Saeed Hosseini
https://youtu.be/rKrMIpWAMRQ
In this video, I presented the process of responding to disasters in a realistic way and based on experience in different organizations.
This process focused on the triage section in the first place, both at the crime scene and in the laboratory. And then…
Windows Incident Response
The Windows Incident Response Blog is dedicated to the myriad information surrounding and inherent to the topics of IR and digital analysis of Windows systems. This blog provides information in support of my books; "Windows Forensic Analysis" (1st thru 4th editions), "Windows Registry Forensics", as well as the book I co-authored with Cory Altheide, "Digital Forensics with Open Source Tools".
https://lnkd.in/d6wkjWbT
#dfir
Free courses with international certification
https://blueteamresources.in/cybersecurity-free-certification-courses/
Best Cybersecurity Free Certification Courses for 2023
Special 💯 Professional 💯 Special
For those interested in penetration testing and red teaming
A comprehensive list of RED Team repositories
Link:
https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations
whids
Open Source EDR for Windows
EDR with artifact collection driven by detection. The detection engine is built on top of a previous project, Gene, specially designed to match Windows events against user-defined rules.
https://lnkd.in/dPvjdEn
DroneSploit - A pentesting console framework dedicated to drones
https://hakin9.org/dronesploit-a-pentesting-console-framework-dedicated-to-drones/
Introducing an excellent tool in the mobile forensics field
Avilla Forensics 3.0
https://github.com/AvillaDaniel/AvillaForensics
For those interested in offensive security
Introducing a tool for DLL Injection
ImportDLLInjection
An alternative method of injecting DLLs by modifying PE headers in memory
https://www.x86matthew.com/view_post?id=import_dll_injection
For those interested in mobile penetration testing
A distro that looks excellent
Give it a try
https://mobexler.com/download.htm
💠 In this part of the video, prepared under the title "Prerequisites", we describe the topics of the Become a DFIR | Threat Hunter course, as well as the tools we will work with during the upcoming lessons.
🔔 Topics range from operating system architecture, Windows internals and memory structure, the Windows user and kernel levels and system-level functions, to Linux memory architecture and how to identify malware at the different levels of the operating systems.
🔷 Video link:
https://aparat.com/v/8yexP
🔆 In this video, day one of the Memory Forensics course, we covered the system overview.
In this part we reviewed the structure of the CPU, how it works and its various parts, including the MMU, direct memory access, volatile memory, address space and the TLB.
💠 How a virtual address is translated to a physical address with the help of the TLB
✅ Video link:
https://aparat.com/v/4QB75