We started providing professional services to individuals and organizations ranging from consultation sessions to fully managed services! Check them out here: https://lnkd.in/g_pu_e35
About us
Your ultimate go-to resource to master the art of memory forensics. Memory Forensic is a collaborative blue-team platform that offers free byte-sized easy-to-digest tutorials, memory forensic challenges, memory dumps, CTFs, videos, write-ups, news, book recommendations, courses' reviews, experiences, and much more. Stay ahead in the cybersecurity game by exploring the latest breakthroughs in memory forensics! Uncover hidden triggers and root causes of breaches by empowering yourself with the vital skills needed to safeguard digital assets. Elevate your knowledge and readiness to tackle cybersecurity challenges head-on in today's dynamic threat environment. Subscribe to our newsletter: https://memoryforensic.com/newsletter/ If you are interested in sharing an article with us (specifically in memory forensics for now), contact us at: [email protected]
- Website
- memoryforensic.com
- Industry
- Computer and Network Security
- Company size
- 2-10 employees
- Type
- Self-Owned
- Founded
- 2024
Updates
-
Curious about the 13Cubed Investigating Memory Forensics course? We have made a detailed overview about the course for you! Check it out :) https://lnkd.in/daTif4C7 #DFIR #digitalforensics #memoryforensics
-
It was an absolute pleasure to have successfully completed the Investigating Windows Memory course and passed its test with gold credentials from 13Cubed! This course was nothing short of amazing, discussing two main tools, Volatility and MemProcFS, while also shedding some light on WinDBG. This course was one of the best courses I took in regards to Memory Forensics. I really enjoyed going through the material, paying attention to some tips and tricks, and practicing them myself. I am soon publishing a detailed review about the course on Memory Forensic, so stay tuned. Every course has its pros and cons, but I wouldn't call them 'cons' in this course - rather, areas for improvement, as it is truly well put together.

What I mostly like about the course:
  - Utilizing both Volatility 2 and 3 on an equal footing.
  - Talking briefly about Windows internals and process hierarchy.
  - Shedding some light on advanced topics such as Volshell and WinDBG was amazing - wish it was discussed more :(
  - A lot of practice to perform and learn from.
  - There is an active discussion forum under each lesson to post questions and get involved with others.
  - Discussing Virtual memory forensics was a plus.
  - Performing some disk forensics in a memory forensics course was a great add-on, as it is not possible to completely separate between the two.
  - The course discusses the MemProcFS tool, which I really like.
  - Mentioning the use of Yara and extracting IoC, because memory forensics is great in finding the root cause in cyber incidents/cases.
  - A lot of tips, tricks and details mentioned between the lines, that may not be known to many practitioners.
  - The best part was not avoiding errors, but rather explaining why they occurred and how to fix them!

What I wish to expand on:
  - In my humble opinion, while I understand that it is impossible to cover every plugin, a few important plugins were not discussed.

General points to know/consider:
  - The course needs a small update regarding some newly released plugins for Vol3, but I have been told that they are waiting to do more testing on new plugins, which is amazing!
  - I would recommend putting CPE hours on the certificate of completion, but I have been told that you can request them to add CPE, really good!
  - Malware analysis part is a bit short, so I wish to expand on this module, especially in malware persistence techniques, even though it is stated that the focus of the course is not malware analysis, but purely memory forensics.
  - Even though the Windows internals knowledge was sufficient for the course, I wish it was going more in-depth.

The overall course was for beginner/intermediate level. A very high quality well-rounded course, and I think it is really helpful to take information and learn from such veterans like Richard Davis!

If interested, you can register here: training[.]13cubed[.]com/investigating-windows-memory

To the next project ...
-
For people who want to learn memory forensics, I have built two FREE resources for you!

  1. Memory Forensic - memoryforensic[.]com
  2. Cyber Holmes - chatgpt[.]com/g/g-4cRdNF6lb-cyber-holmes

Memory Forensic is a blog-like website where I share challenges from different platforms, my crafted challenges, tools, samples, reviews, etc. I share posts whenever I could or you can even contribute to it :) A new sponsor will soon be introduced, stay tuned :)

Cyber Holmes is a custom GPT that has lots of books, notes, knowledge generally in DFIR and particularly in memory forensics in order to help you get started or for answering specific queries. New updates and books are being added over time.

Hope you get the most out of these resources!

P.S. share this post if you found it useful and let me know your feedback about them, did you know these two resources before? Were they useful?
-
The Winner of 13Cubed Memory Forensics Course is: Felipe Moraes. Congratulations! Hope you let us know your experience about it once finished and share your knowledge! I will DM you for the details :) For the others, do not worry, there are many giveaways in the way, so stay tuned
-
If you are up to the challenge, go and solve this new memory forensics challenge! https://lnkd.in/dKp_AB5P #cybersecurity #memoryforenscis #dfir #digitalforensics
-
I know you wanted to get more from 13Cubed giveaway since last one, so here is your second shot! Thanks to the generosity of 13Cubed, they are amazing enough to offer another FREE voucher for their highly-acclaimed course, "Investigating Windows Memory." This is the second time Memory Forensic partnered with 13Cubed ^^

Memory Forensic offers FREE bite-sized, easy-to-digest tutorials, memory forensic challenges, memory dumps, CTFs, videos, write-ups, news, book recommendations, courses' reviews, and much more. You can access the website here: memoryforensic[.]com

You can access 13Cubed website here: 13cubed[.]com They are also listed in our sponsors page here: memoryforensic[.]com/sponsors I am going through their course, and it is really a high quality one (this for later). I appreciate their usual support to the cybersecurity community, so please show them some love and appreciation.

Here’s what you can win: One Voucher for the Investigating Windows Memory course.

Follow all these simple steps:
  1. Follow Husam Shbib & the Memory Forensic page.
  2. Like & Mention someone (not yourself) who needs this course in the comments.
  3. Repost this announcement.

To ensure fairness:
  - No fake accounts (will be checked).
  - Tagging one time in the comments section.
  - Participation ends on EOD October 31st (UTC+3).
  - Winners are chosen randomly.
  - You do not already have the course

Winners will be announced in the second week of November, and prizes will be distributed in the same week. I will DM you if you won.

So, participate & stay tuned by turning on the notification bell! #cybersecurity #memoryforenscis #dfir #digitalforensics
-
If you are looking for a new challenge, check out our latest blog on 13Cubed's recent Linux memory forensics challenge: https://lnkd.in/dFGgjNsy

I would recommend two things:
  1. Build the symbol table yourself using WSL2 or VM
  2. Do not look at the write-up, unless you try solving it on your own.

#memoryforensics #infosec #cybersecurity #dfir #digitalforensics
-
$100 Giveaway: Digital Forensics & Data Recovery Challenge

Are you ready to put your forensic skills to the test? I am! I'm conducting research on secure file wiping and need your expertise to test my findings.

I've securely wiped three files from an external disk - a document, a video, and an image file. While they were securely deleted, I want to see if anything was left behind that you could recover and make sense. If you manage to retrieve the details I need, you win the prize! You should not suppose to find any of them!

  - Find at least two of the three wiped files' real names.
  - Identify their extensions.
  - Recover any part of the deleted content. (e.g., 5 different video frames, some text from the document, part of the image)
  - Let me know how you managed to get them.

Be the first to successfully uncover the details above by November 1st, 2024. You can use any forensic tool of your choice. If you solve it correctly, the $100 prize is yours!

To download the image (10GB): https://lnkd.in/dEuUc3aF

Share to let other people know about it! #cybersecurity #dfir #digitalforensics #datarecovery
-
We're excited to share our first collaborative blog post! This brief memory analysis case study of the Cridex malware, authored by Diyar Saadi, offers valuable insights and practical takeaways for every DFIR professional. Check it out here: https://lnkd.in/dmF7KRK6 Your feedback is always welcome – and hope you find it insightful! #memoryforensics #digitalforensics #cybersecurity #infosec #DFIR