Monday, December 21, 2015

Investigating USB logs and creating an amazing encrypting tool.

Universal Serial Bus, or USB as we more commonly know it, is a basic requirement these days. We copy movies to our pen drives and watch them over USB; we connect our phones, players, external drives and lots of other devices to our USB hubs to meet our most important needs. What we don't know is that every time we connect a USB device to our USB hub, our OS saves information about it on our machine: the date, time, ID of the device, manufacturer of the device, product ID, serial number and other details unique to that particular USB device.

Yes, that's true. All of this is saved by our OS, so these records are very important in a computer forensic investigation. This information provides very important evidence for computer crime scenes.
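To show what such records look like in practice, here is an added example (not code from the original post) that pulls the time, vendor, product and serial number of USB storage devices out of a Windows `setupapi.dev.log`. Assuming Windows is an assumption of this example, and the log text, device names and serial numbers below are constructed samples.

```python
import re
from datetime import datetime

# Constructed sample in the layout of Windows' setupapi.dev.log (not real evidence).
SAMPLE_LOG = r"""
>>>  [Device Install (Hardware initiated) - USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer_Blade&Rev_1.26\4C530001234567890123&0]
>>>  Section start 2015/12/21 10:15:32.417
<<<  Section end 2015/12/21 10:15:33.105
<<<  [Exit status: SUCCESS]
>>>  [Device Install (Hardware initiated) - USB\VID_0781&PID_5567\4C530001234567890123]
>>>  Section start 2015/12/21 10:15:31.902
<<<  [Exit status: SUCCESS]
>>>  [Device Install (Hardware initiated) - USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\6&2f1a9c3e&0]
>>>  Section start 2015/12/08 18:02:11.250
<<<  [Exit status: SUCCESS]
"""

HEADER = re.compile(
    r"^>>>\s+\[Device Install \(Hardware initiated\) - USBSTOR\\"
    r"(?P<dev_type>[^&]+)&Ven_(?P<vendor>[^&]*)&Prod_(?P<product>[^&]*)"
    r"&Rev_(?P<revision>[^\\]*)\\(?P<instance>[^\]]+)\]")
START = re.compile(r"^>>>\s+Section start (\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+)")

def usb_storage_installs(log_text):
    """Return one dict per USB mass-storage install section, oldest first."""
    events, pending = [], None
    for line in log_text.splitlines():
        header = HEADER.match(line)
        start = START.match(line)
        if header:
            pending = header.groupdict()
        elif start and pending:
            pending["first_seen"] = datetime.strptime(start.group(1), "%Y/%m/%d %H:%M:%S.%f")
            instance = pending.pop("instance")
            # '&' as the second character means Windows generated the ID
            # because the device reported no serial number of its own.
            pending["has_device_serial"] = instance[1:2] != "&"
            pending["serial"] = instance.rsplit("&", 1)[0]
            events.append(pending)
            pending = None
        elif line.startswith(">>>  ["):
            pending = None  # a different device class: ignore its section
    return sorted(events, key=lambda e: e["first_seen"])

if __name__ == "__main__":
    for e in usb_storage_installs(SAMPLE_LOG):
        print(e["first_seen"], e["vendor"], e["product"], e["serial"], e["has_device_serial"])
```

The timestamps in this log are in the machine's local time and mark the driver installation, which is the first connection of a device rather than every later one.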

Hacking tutorial released by ANONYMOUS on ghostbin.com

This is the hacking tutorial released by Anonymous last week at this link: https://ghostbin.com/paste/jrr89#L29


First and foremost, it is important for you to understand that 'hacking' is a broad term. There are many aspects to it, most of which require several programming skills, but that shouldn't stop you from using the tools made available by the internet for you to take advantage of. Go to the HTMLdog website and learn some HTML first, it is a great website and you will progress in no time. Also, consider Python as your first programming language; it is a tradition to recommend Python to newbies because it is the fundamental and appropriate language that will kickstart you in the world of computing. So, now that you are set and ready to continue with the quest, allow me to present to you a simplistic and minimalistic reference guide. 

Tuesday, December 8, 2015

Analyzing a RAM dump file

In forensic investigations it is very important to dump the RAM's data into a file and analyze the processes and tasks that were running at the time of the dump. So let's look at how we can dump the RAM's contents as a raw file and how we can analyze that file to get further details.

For this we are going to use the MoonSols Windows Memory Toolkit. This toolkit contains four or more related tools, but in this case we need only one of them, which is "ramdumpit.exe". Using this tool we can build a raw file of our RAM's contents at a particular time. Just run it; it will ask the ordinary "Are you sure?" question, so just answer yes. Now you will see that the blahblah.raw file has been created, which is the dump of our RAM. Now we need our second tool, which is going to analyze our dump file.