Python Parser to Recover Deleted SQLite Database Data
Soooo.... last week I was listening to the Forenisc Lunch and the topic of parsing deleted records from SQLite databases came up. These Forensic Lunches are every Friday and cover a wide range of topics relevant to the Forensics Community and are hosted by David Cowen. I highly recommend participating in one if you get the chance. It's actually at 10am my time, so it's more like a Forensic Doughnut for me.
blog
Soooo.... last week I was listening to the Forenisc Lunch and the topic of parsing deleted records from SQLite databases came up. These Forensic Lunches are every Friday and cover a wide range of topics relevant to the Forensics Community and are hosted by David Cowen. I highly recommend participating in one if you get the chance. It's actually at 10am my time, so it's more like a Forensic Doughnut for me.
blog
π‘ t.iss.one/HackLabel
π2
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns.YARAβs documentation
example:
rule android_banker
{
meta:
description = "Detects Android Banker"
author = "Oleg Skulkin"
strings:
$s1 = "com.example.horsenjnj" ascii wide
$s2 = "res/xml/shit.xml" ascii wide
condition:
all of them
}
π‘ t.iss.one/HackLabel
β’ Joe Sandbox is a malware analysis service that allows users to submit suspicious files for analysis. This service can help you identify new malware and prevent it from causing harm.
β’ Using Joe Sandbox, suspicious files are automatically analyzed and the results are presented to you. This service is capable of detecting various types of malware, including spyware, trojans, viruses, bots, and more.
β’ With Joe Sandbox, you can easily identify suspicious files and delete them if necessary. This service allows you to identify new malware and prevent it from causing harm.
β’ Joe Sandbox features include accurate analysis, malware detection, behavioral detection, vulnerability detection, comprehensive reporting, and more. Using this service, you can easily analyze suspicious files and prevent them from causing harm.
Link: https://www.joesandbox.com/
β’ Using Joe Sandbox, suspicious files are automatically analyzed and the results are presented to you. This service is capable of detecting various types of malware, including spyware, trojans, viruses, bots, and more.
β’ With Joe Sandbox, you can easily identify suspicious files and delete them if necessary. This service allows you to identify new malware and prevent it from causing harm.
β’ Joe Sandbox features include accurate analysis, malware detection, behavioral detection, vulnerability detection, comprehensive reporting, and more. Using this service, you can easily analyze suspicious files and prevent them from causing harm.
Link: https://www.joesandbox.com/
π‘ t.iss.one/HackLabel
π2