Mount a windows partition showing the system files:
mount -o ro,show_sys_files,streams_interface=windows /dev/sdb2 /mnt/analysis
Taken from "Super Time Line Analysis - SANS DFIR Webcast" https://www.youtube.com/watch?v=C4jNfXZ90fw
Twitter: @lokut
This blog is for educational purposes only. The opinions expressed in this blog are my own and do not reflect the views of my employers.
Subscribe to:
Post Comments (Atom)
Test Authentication from Linux Console using python3 pexpect
Working with the IT420 lab, you will discover that we need to discover a vulnerable user account. The following python3 script uses the pex...
-
Here is a quick walk through of GetBoo. The first item that I found was you can harvest the usernames of the existing users that are regist...
-
I ran a Nikto scan and found the following vulnerability in the report that it produces: "OSVDB-637: Enumeration of users is possible...
-
As I was glancing through the logs of my honeypots I spent some time to look at the following logs. In the past I have just overlooked them...
-
I thought I would work through a few of these web applications provided by OWASP on their broken web applications VM. The first one I th...
-
Sony Pictures Entertainment on November 24, 2014 suffered a devastating attack from North Korea. This attack caused the release of multiple...
No comments:
Post a Comment