Memory Forensics Step by Step / eForensics Magazine
October 10, 2013
Step by step to work with your own memory dumps
In this magazine release (on whose cover I appear) I've written an
article named "Step by step to work with your own memory dumps". You can
learn how to infect your computers in a lab environment in order to get
a memory dump to analyze malware samples. I make a memory forensics
study of two trojans, Zeus and Stuxnet, with Volatility. I give you the
links to download these memory dumps... Also you will read a timeline of
the latest well-known cyber attacks.
Wireshark Master / eForensicsMagazine
07 April, 2014
Two Real Network Forensics Analysis: CASE STUDIES OF THE ATTACKS ON PHP.NET AND THE BOSTON BOMBS MALWARE
In this release you will find two real network forensics analyses using Wireshark. In both analyses, you will see how a user is infected just by visiting a website and the computer begins to be part of a botnet that sends spam and clicks on web advertisements to make money.
101 Best Forensics Tutorials / eForensics Magazine
22 November, 2013
- Step by step to work with your own memory dumps.
- How to analyze a traffic capture.
Malware Analysis / eForensics Magazine
15 November, 2013
Asking the Malware Developer.
We live in a digital world where the infected user asks the Malware Developer how to clean his computer. In my article I will show you a real malware analysis using Cuckoo Sandbox where you will find a cipher code which will be decrypted. Also, we will locate the Malware Developer on Twitter, where we will check how an infected user asks him how to fix his computer. The malware developer will offer him the solution...
Computer Forensics JumpStart Vol.3 / eForensics Magazine
24 October, 2013
How to analyze a traffic capture
In my article you will find the techniques used in a network forensics
analysis. I show you how a "Drive by Download attack" takes advantage
of a web browser vulnerability which infects the user's computer and
includes it in a botnet. I show you how to work with Wireshark,
NetworkMiner, VirusTotal and how to create a map report with the
callbacks to the command and control server.