4n6ir.com
Forensic Incident Response
by James Habben & John Lukach
- Route53 Public Host Zone Pattern
- Privileged Account Identification
- Validating GitHub Webhooks with Python
- GitHub OpenID with AWS CDK
- Serverless Forensic Imager
- Getting Started - AWS Cloud Development Kit
- Snapshot 4n6ir Imager Initial Release
- Processing Progress in Axiom
- NTFS Object IDs in EnCase - Part 3
- NTFS Object IDs in X-Ways
- NTFS Object IDs in EnCase - Part 2
- NTFS Object IDs in EnCase
- Parsing CFBundleURLSchemes from MacOS Apps
- Show and Search for Owner ID in X-Ways
- Show and Search for NTFS Owner in EnCase
- Show Your Timezone in X-Ways
- Show Your Timezone in EnCase
- Living with a Credit Freeze
- Reputations and PCI Data Breaches
- Evolve Version 1.6
- Malicious USB Devices
- Skills and Knowledge for InfoSec
- Infosec Jobs
- Compile Time Analysis of NotPetya
- Soft Skills: Respect
- Fileless Application Whitelist Bypass and Powershell Obfuscation
- Layers Are Important
- Soft Skills: Be Present
- Real Self Improvement
- CCM_RecentlyUsedApps Update on Unicode Strings
- Windows Prefetch: Tech Details of New Research in Section A & B
- Windows Prefetch: Overview of New Research in Sections A & B
- BsidesSLC Experience and Offer to Help
- CCM_RecentlyUsedApps Properties Forensics
- Secret Archives of Execution Evidence: CCM_RecentlyUsedApps
- BSides Los Angeles - Experience and Slides
- Windows Elevated Programs with Mapped Network Drives
- GUIs are Hard - Python to the Rescue - Part 1
- Reporting: Benefits of Peer Reviews
- Report Rapport
- Building Python Packages, By a Novice
- Blocks in Practical Use
- Block Hunting
- Unified We Stand
- Say Uncle
- Crashing into a Hint
- I Got This!
- Analyzing IEaaS in Windows 8