Memory analysis on Windows 10 is pretty different from previous Windows versions: a new feature, called Memory Compression, makes it necessary to use a forensic tool able to read compressed memory pages. https://www.andreafortuna.org/2019/08/01/forensic-analysis-of-windows-10-compressed-memory-using-volatility/
Month: June 2021
Autotimeliner to CyberChef to Timesketch
As you might know, I love to combine several open-source tools to get things done. One thing I wanted to play with for some weeks is Autotimeliner by Andrea Fortuna. This tool is made to extract events …
Active Directory forest trusts part 2 – Trust transitivity and finding a trust bypass
In my first personal blog post in 2018 I wrote about Active Directory forest trusts and how they work under the hood. Part two of the series was since then promised but never delivered. https://dirkjanm.io/active-directory-forest-trusts-part-two-trust-transitivity/
Mind-Maps
Mind-Maps Bug Hunters Methodology – [Jhaddix] Finding Server side issues – [Imran parray] Javascript Recon My Recon – [Imran parray] https://github.com/imran-parray/Mind-Maps