Memory Forensics Step by Step / eForensics Magazine, October 10, 2013
Step by step to work with your own memory dumps
In this magazine release (I am on the cover) I've written an article named "Step by step to work with your own memory dumps". You can learn how to infect your computers in a lab environment in order to get a memory dump for analyzing malware samples. I make a memory forensics study of two trojans, Zeus and Stuxnet, with Volatility. I give you the links to download these memory dumps... You will also read a timeline of the last well-known cyber attacks.
Wireshark Master / eForensics Magazine, 07 April, 2014
Two Real Network Forensics Analysis: CASE STUDIES OF THE ATTACKS ON PHP.NET AND THE BOSTON BOMBS MALWARE
In this release you will find two real network forensics analyses using Wireshark. In both analyses, you will see how a user is infected just by visiting a website and how the computer then becomes part of a botnet that sends spam and clicks on web advertisements to make money.
101 Best Forensics Tutorials / eForensics Magazine, 22 November, 2013
- Step by step to work with your own memory dumps.
- How to analyze a traffic capture.
Malware Analysis / eForensics Magazine, 15 November, 2013
Asking the Malware Developer.
We live in a digital world where the infected user asks the malware developer how to clean his computer. In my article I will show you a real malware analysis using Cuckoo Sandbox, where you will find a cipher code which will be decrypted. Also, we will locate the malware developer on Twitter, where we will check how an infected user asks him how to fix his computer. The malware developer will offer him the solution...
Computer Forensics JumpStart Vol.3 / eForensics Magazine, 24 October, 2013
How to analyze a traffic capture
In my article you will find the techniques used in a network forensics analysis. I show you how a "drive-by download attack" takes advantage of a web browser vulnerability to infect the user's computer and include it in a botnet. I show you how to work with Wireshark, NetworkMiner and VirusTotal, and how to create a map report with the callbacks to the command and control server.